Linux/x86 – Bind TCP Shell + fork() Shellcode (113 bytes)
>> ARCHIVE: 2018-05
Linux/x86 – Bind TCP Shell + fork() Shellcode (113 bytes)
HWiNFO version 5.82-3410 suffers from a denial of service vulnerability.
This Metasploit module exploits a code injection vulnerability within an authenticated file upload feature in PlaySMS version 1.4. This issue is caused by improper file name handling in sendfromfile.php file….
This Metasploit module exploits an authenticated file upload remote code execution vulnerability in PlaySMS version 1.4. This issue is caused by improper file contents handling in import.php (aka the Phonebook…
The WordPress User Role Editor plugin prior to v4.25, is lacking an authorization check within its update user profile functionality (“update” function, contained within the “class-user-other-roles.php” module). Instead of verifying…
DeviceLock Plug and Play Auditor version 5.72 suffers from a unicode buffer overflow vulnerability.
GNU Wget versions 1.7 through 1.19.4 suffer from a cookie injection vulnerability.
This Metasploit module exploits a chain of vulnerabilities in Palo Alto Networks products running PAN-OS versions prior to 6.1.19, 7.0.19, 7.1.14, and 8.0.6. This chain starts by using an authentication…
Apple Security Advisory 2018-05-04-1 – Security Update 2018-001 Swift 4.1.1 for Ubuntu 14.04 is now available and addresses code execution issues.
PlaySMS 1.4 – ‘sendfromfile.php?Filename’ Authenticated ‘Code Execution (Metasploit)