Previewing a WMA/WMV media format on Windows Explorer through its Preview Pane causes embedded URLs to be automatically opened in the default browser without displaying any prompt.
Backdoor.Win32.Visiotrol.10 Insecure Password Storage
Backdoor.Win32.Visiotrol.10 malware suffers from an insecure password storage vulnerability.
Backdoor.Win32.FTP.Simpel.12 Man-In-The-Middle
Backdoor.Win32.FTP.Simpel.12 malware suffers from a man-in-the-middle vulnerability.
Windows Explorer Preview Pane HTML File Link Spoofing
The Windows Explorer Preview Pane feature allows for spoofing of links contained in an HTML based file because upon moving the mouse over the link nothing happens and it cannot be right-clicked to show the actual target.
Backdoor.Win32.FTP.Simpel.12 Insecure Crypto Implementation
Backdoor.Win32.FTP.Simpel.12 malware uses MD5 with no salt for password storage.
Terramaster F4-210 / F2-210 Remote Code Execution
Terramaster F4-210 and F2-210 chained exploit that performs session crafting to achieve escalated privileges that then allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.x are affected.
ManageEngine ServiceDesk Plus Remote Code Execution
This Metasploit module exploits CVE-2021-44077, an unauthenticated remote code execution vulnerability in ManageEngine ServiceDesk Plus, to upload an EXE (msiexec.exe) and execute it as the SYSTEM account. Note that build 11305 is vulnerable to the authentication bypass but not the file upload. The module will check for an exploitable build.
Accu-Time Systems MAXIMUS 1.0 Buffer Overflow / Denial Of Service
Accu-Time Systems MAXIMUS version 1.0 telnetd buffer overflow exploit that causes a denial of service condition.
WBCE CMS 1.5.1 Admin Password Reset
WBCE CMS versions 1.5.1 and below suffer from an administrative password reset vulnerability.
phpKF CMS 3.00 Beta y6 Remote Code Execution
phpKF CMS version 3.00 Beta y6 unauthenticated remote code execution exploit.