Odin Secure FTP Expert version 7.6.3 Site Info denial of service proof of concept exploit.
DesignMasterEvents CMS 1.0 SQL Injection / Cross Site Scripting
DesignMasterEvents CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
WordPress Event-Registration 5.43 Arbitrary File Upload
WordPress Event-Registration plugin version 5.43 suffers from an arbitrary file upload vulnerability.
Zen Load Balancer 3.10.1 Remote Code Execution
Zen Load Balancer version 3.10.1 suffers from a remote code execution vulnerability.
Joomla Fabrik 3.9.11 Directory Traversal
Joomla Fabrik component version 3.9.11 suffers from a directory traversal vulnerability.
10-Strike Network Inventory Explorer 9.03 Buffer Overflow
10-Strike Network Inventory Explorer version 9.03 Read-from-file buffer overflow exploit that uses SEH and ROP.
[remote] DLINK DWL-2600 – Authenticated Remote Command Injection (Metasploit)
DLINK DWL-2600 – Authenticated Remote Command Injection (Metasploit)
[webapps] Grandstream UCM6200 Series CTI Interface – 'user_password' SQL Injection
Grandstream UCM6200 Series CTI Interface – ‘user_password’ SQL Injection
[dos] FlashFXP 4.2.0 Build 1730 – Denial of Service (PoC)
FlashFXP 4.2.0 Build 1730 – Denial of Service (PoC)
Redis Replication Code Execution
This Metasploit module can be used to leverage the extension functionality added since Redis 4.0.0 to execute arbitrary code. To transmit the given extension it makes use of the feature of Redis which called replication between master and slave.