This Metasploit module can be used to upload a plugin on Atlassian Cloud via the pdkinstall development plugin as an unauthenticated attacker. The payload is uploaded as a JAR archive…
>> ARCHIVE: 2021-08
Various Lexmark Universal Printer drivers as listed at advisory TE953 allow low-privileged authenticated users to elevate their privileges to SYSTEM on affected Windows systems by modifying the XML file at…
Simple Image Gallery System 1.0 – ‘id’ SQL Injection
easy-mock 1.6.0 – Remote Code Execution (RCE) (Authenticated)
4images 1.8 – ‘limitnumber’ SQL Injection (Authenticated)
Various Lexmark Universal Printer drivers as listed at advisory TE953 allow low-privileged authenticated users to elevate their privileges to SYSTEM on affected Windows systems by modifying the XML file at…
Trojan-Proxy.Win32.Raznew.gen malware suffers from an unauthenticated open proxy vulnerability.
Backdoor.Win32.IRCBot.gen malware suffers from a hardcoded credential vulnerability.
HackTool.Win32.Hidd.b malware suffers from a buffer overflow vulnerability.
Canon TR150 print drivers versions 3.71.2.10 and below allow local users to read/write files within the “CanonBJ” directory and its subdirectories. By overwriting the DLL at C:ProgramDataCanonBJIJPrinterCNMWINDOWSCanon TR150 seriesLanguageModules40CCNMurGE.dll with…