Trojan-Dropper.Win32.Scrop.dyi malware suffers from an insecure permissions vulnerability.
Netgear WNAP320 2.0.3 Remote Code Execution
Netgear WNAP320 version 2.0.3 suffers from an unauthenticated remote code execution vulnerability.
Personnel Record Management System 1.0 Authentication Bypass / XSS
Personnel Record Management System version 1.0 unauthenticated administrator addition exploit that also adds a stored cross site scripting payload.
WordPress YOP Polls 6.2.7 Cross Site Scripting
WordPress YOP Polls plugin version 6.2.7 suffers from a persistent cross site scripting vulnerability.
Constructor.Win32.Bifrose.asc Buffer Overflow / Heap Corruption
Constructor.Win32.Bifrose.asc malware suffers from buffer overflow and heap corruption vulnerabilities.
WordPress wpDiscuz 7.0.4 Shell Upload
This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin versions from 7.0.0 through 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable server.
[remote] ES File Explorer 4.1.9.7.4 – Arbitrary File Read
ES File Explorer 4.1.9.7.4 – Arbitrary File Read
Android 2.0 FreeCIV Arbitrary Code Execution
Android version 2.0 exploit for FreeCIV versions 2.2 before 2.2.1 and 2.3 before 2.3.0 that achieves root.
[webapps] Netgear WNAP320 2.0.3 – 'macAddress' Remote Code Execution (RCE) (Unauthenticated)
Netgear WNAP320 2.0.3 – ‘macAddress’ Remote Code Execution (RCE) (Unauthenticated)
[webapps] SAS Environment Manager 2.5 – 'name' Stored Cross-Site Scripting (XSS)
SAS Environment Manager 2.5 – ‘name’ Stored Cross-Site Scripting (XSS)