This Metasploit module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool (ABRT) configured as the crash handler. sosreport uses an insecure…
>> ARCHIVE: 2019-09
vBulletin version 5.x pre-authentication remote code execution zero day exploit.
SpotIE Internet Explorer Password Recovery 2.9.5 – ‘Key’ Denial of Service
Microsoft SharePoint 2013 SP1 – ‘DestinationFolder’ Persistant Cross-Site Scripting
http://www.muang-bua.go.th/html/ notified by KURD ELECTRONIC TEAM
Gila CMS versions prior to 1.11.1 suffer from a local file inclusion vulnerability.
HPE Intelligent Management Center versions prior to 7.3 E0506P09 suffer from an information disclosure vulnerability.
Piwigo versions 2.9.5 and below suffer from cross site scripting, command execution, and remote SQL injection vulnerabilities.
The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indication message to cause a use-after-free. With a controllable data/size remote nonpaged pool spray,…