Month: May 2020

[local] GoldWave – Buffer Overflow (SEH Unicode)

[remote] Plesk/myLittleAdmin – ViewState .NET Deserialization (Metasploit)

[webapps] WordPress Plugin Form Maker 5.4.1 – 's' SQL Injection (Authenticated)

[remote] WebLogic Server – Deserialization RCE – BadAttributeValueExpException (Metasploit)

[webapps] Gym Management System 1.0 – Unauthenticated Remote Code Execution

[local] Druva inSync Windows Client 6.6.3 – Local Privilege Escalation

[webapps] Dolibarr 11.0.3 – Persistent Cross-Site Scripting

[dos] Konica Minolta FTP Utility 1.0 – 'NLST' Denial of Service (PoC)

[dos] Filetto 1.0 – 'FEAT' Denial of Service (PoC)

[dos] Konica Minolta FTP Utility 1.0 – 'LIST' Denial of Service (PoC)