WordPress Plugin WPSchoolPress 2.1.16 – ‘Multiple’ Cross Site Scripting (XSS)
Tags: 0day, remote exploitMumara Classic versions 2.93 and below suffer from a remote SQL injection vulnerability.
Microsoft MultiPoint Server 2011 version 6.1 Compilation 7601 Service Pack 1 suffers from an RpcEptMapper and Dnschade local privilege escalation vulnerability.
WordPress WP Symposium Pro version 2021.10 suffers from a persistent cross site scripting vulnerability.
Xlight FTP version 3.9.3.1 suffers from a buffer overflow vulnerability.
WordPress AccessPress Social Icons plugin version 1.8.2 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits local file inclusion and log poisoning vulnerabilities (CVE-2020-16152) in Aerohive NetConfig, version 10.0r8a build-242466 and older in order to achieve unauthenticated remote code execution as the root user. NetConfig is the Aerohive/Extreme Networks HiveOS administrative webinterface. Vulnerable versions allow for LFI because they rely on a version of PHP 5 that […]
This Metasploit module exploits local file inclusion and log poisoning vulnerabilities (CVE-2020-16152) in Aerohive NetConfig, version 10.0r8a build-242466 and older in order to achieve unauthenticated remote code execution as the root user. NetConfig is the Aerohive/Extreme Networks HiveOS administrative webinterface. Vulnerable versions allow for LFI because they rely on a version of PHP 5 that […]
Windows MultiPoint Server 2011 SP1 – RpcEptMapper and Dnschade Local Privilege Escalation
Tags: 0day, remote exploit