PHPMailer versions prior to 5.2.20 zero day remote code execution exploit. This bypasses the CVE-2016-10033 patch.
WordPress Simply Poll 1.4.1 SQL Injection
WordPress Simply Poll plugin version 1.4.1 suffers from a remote SQL injection vulnerability.
http://www.loei.m-society.go.th/web56/
http://www.loei.m-society.go.th/web56/ notified by Intruder
http://building.dpt.go.th/x.txt
http://building.dpt.go.th/x.txt notified by DeathKillersDefacers
PHPMailer 5.2.17 Remote Code Execution
PHPMailer versions prior to 5.2.18 suffer from a remote code execution vulnerability. This archive consists of the full advisory and also the proof of concept code.
WordPress Image Slider 1.1.41 / 1.1.89 Arbitrary File Deletion
WordPress Image Slider plugin versions 1.1.41 and 1.1.89 suffer from an arbitrary file deletion vulnerability.
FTPShell Server 6.36 Denial Of Service
FTPShell Server version 6.36 .csv local denial of service vulnerability.
Android get_user/put_user Exploit
This Metasploit module exploits a missing check in the get_user and put_user API functions in the linux kernel before 3.5.5. The missing checks on these functions allow an unprivileged user to read and write kernel memory. This exploit first reads the kernel memory to identify the commit_creds and ptmx_fops address, then uses the write primitive […]
Joomla Blog Calendar SQL Injection
Joomla Blog Calendar versions prior to 1.2.5 suffer from a remote SQL injection vulnerability.
Wampserver 3.0.6 Privilege Escalation
Wampserver version 3.0.6 suffers from an insecure file permissions privilege escalation vulnerability.