WordPress Ad Widget plugin versions 2.10.0 and below suffer from a local file inclusion vulnerability.
>> ARCHIVE: 2017-10
This Metasploit module exploits the authentication bypass and command injection vulnerabilities together. Unauthenticated users can execute a terminal command in the context of the web server user. The specific flaw…
ASX to MP3 3.1.3.7 – ‘.m3u’ Buffer Overflow
Trend Micro InterScan Messaging Security (Virtual Appliance) – Remote Code Execution (Metasploit)
Trend Micro OfficeScan 11.0/XG (12.0) – Remote Code Execution (Metasploit)
PyroBatchFTP version 3.17 suffers from a local buffer overflow vulnerability.
Complain Management System – Hard-Coded Credentials / Blind SQL injection
Using Rancher Server, an attacker can create a Docker container with the ‘/’ path mounted with read/write permissions on the host server that is running the Docker container. As the…
QNAP HelpDesk < 1.1.12 – SQL Injection
OrientDB 2.2.2 – 2.2.22 – Remote Code Execution (Metasploit)