This Metasploit module exploits a buffer overflow vulnerability found in the MKD command of the PCMAN FTP version 2.0.7 Server. This requires authentication but by default anonymous credentials are enabled.
>> ARCHIVE: 2017-04
53+ WordPress plugins by BestWebSoft suffer from cross site scripting and cross site request forgery vulnerabilities.
Magento versions 2.1.6 and below suffers from cross site request forgery and shell upload vulnerabilities.
Solaris versions 7 through 11 on both x86 and SPARC suffer from an EXTREMEPARR dtappgather local privilege escalation vulnerability.
Cisco Catalyst 2960 with IOS version 12.2(55)SE11 ROCEM remote code execution exploit.
Adobe Creative Cloud Desktop Application versions 4.0.0.185 and below suffers from a privilege escalation vulnerability.
The Nintendo 3DS DNS client resolver library uses a predictable (incremented) TXID allowing for the spoofing of responses.
FAQ Script version 3.1.3 suffers from a remote SQL injection vulnerability.
Microsoft Office OneNote 2007 suffers from a dll hijacking vulnerability.
Classified Portal Software version 5.1 suffers from a remote SQL injection vulnerability.