>> ARCHIVE: 2020-08

This archive contains all of the 140 exploits added to Packet Storm in July, 2020.

Atmail Email Server Appliance version 6.4 exploit toolchain that leverages cross site scripting and cross site request forgery to achieve code execution.

OpenEMR versions 5.0.1 and below authenticated remote code execution exploit written in ruby.

Mara CMS version 7.5 suffers from a cross site scripting vulnerability.

Umbraco CMS version 7.12.4 authenticated remote code execution exploit.

Stock Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Stock Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities in the Brand, Categories, and Product name fields.

Stock Management System version 1.0 cross site scripting credential harvesting exploit.

Stock Management System version 1.0 suffers from a cross site request forgery vulnerability.

Microsoft Windows Win32k privilege escalation exploit. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited…