WebKit suffers from an integer overflow in NodeRareData::m_connectedFrameCount that can lead to universal cross site scripting and type confusion.
>> ARCHIVE: 2019-11
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication using the RDS component. Due to default settings or misconfiguration, its password can be set to an…
This Metasploit module exploits an unauthenticated command injection vulnerability in rConfig versions 3.9.2 and prior. The install directory is not automatically removed after installation, allowing unauthenticated users to execute arbitrary…
This Metasploit module exploits CVE-2017-13156 in Android to install a payload into another application. The payload APK will have the same signature and can be installed as an update, preserving…
This Metasploit module exploits the SNMP write access configuration ability of SNMP-EXTEND-MIB to configure MIB extensions and lead to remote code execution.
http://nueaklong.go.th/kurd.html notified by 0x1998
http://www.pattaya.chonburi.police.go.th/README.txt notified by 0x1998
Nextcloud 17 – Cross-Site Request Forgery
rConfig – install Command Execution (Metasploit)
Android Janus – APK Signature Bypass (Metasploit)