>> ARCHIVE: 2016-04

This Metasploit module exploits a buffer overflow vulnerability found in the PUT command of the PCMAN FTP server version 2.0.7. This requires authentication but by default anonymous credentials are enabled.

This Metasploit module exploits a SEH overflow in the Easy File Sharing FTP server version 7.2.

This particular vulnerability makes it possible to force a Stratum Mining Pool to accept “invalid” shares by the thousands for each mining pool round. It is possible to make pure…

PQI Air Pen Express router versions 6W51-0000R2 and 6W51-0000R2XXX suffer from cross site request forgery, cross site scripting, and various other vulnerabilities.

Cacti versions 0.8.8g and below remote SQL injection exploit.

DotCMS version 3.3 suffers from a remote SQL injection vulnerability.

Hexchat IRC client version 2.11.0 suffers from a directory traversal vulnerability.

Hexchat IRC client version 2.11.0 suffers from a stack buffer overflow vulnerability.

Quanta LTE routers suffer from backdoor accounts, remote code execution, weak WPS functionality, arbitrary file reading, and a ridiculous amount of other vulnerabilities.

MeshCMS version 3.6 suffers from a remote command execution vulnerability.