>> ARCHIVE: 2018-06

Microsoft Windows suffers from an ADODB.Record object file overwrite vulnerability. The password for the proof of concept zip is adorecord.

This Metasploit module exploits a few different vulnerabilities in Nagios XI 5.2.6-5.4.12 to gain remote root access. The steps are: 1. Issue a POST request to /nagiosql/admin/settings.php which sets the…

This Metasploit module exploits a buffer overflow in the FTPShell client 6.70 (Enterprise edition) allowing remote code execution.

HongCMS version 3.0.0 suffers from a remote SQL injection vulnerability.

BEESCMS version 4.0 suffers from an add administrator cross site request forgery vulnerability.

DIGISOL DG-HR3400 Wireless Router suffers from a cross site scripting vulnerability.

hycus CMS version 1.0.4 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Android suffers from multiple race condition vulnerabilities in the media.metrics service.

Cisco Adaptive Security Appliance suffers from a path traversal vulnerability.

TP-Link TL-WR841N v13 suffers from cross site request forgery vulnerabilities.