Pulse Secure versions 8.1R15.1, 8.2, 8.3, and 9.0 SSL VPN remote code execution exploit.
>> AUTHOR: deepcore
FusionPBX version 4.4.8 remote code execution exploit.
Facebook Messenger suffered from an application crash denial of service vulnerability when sent a single hyphen.
Microsoft Windows suffers from an NTFS privileged file access enumeration vulnerability. Attackers possessing user-only rights can gather intelligence or profile other user account activities by brute forcing a correct file…
WordPress versions 5.2.3 and below remote cross site host modification proof of concept demo exploit.
This Metasploit module exploits a flaw in the WSReset.exe Windows Store Reset Tool. The tool is run with the “autoElevate” property set to true, however it can be moved to…
Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known…
This Metasploit module exploits a vulnerability found in AwindInc and OEM’ed products where untrusted inputs are fed to ftpfw.sh system command, leading to command injection. A valid SNMP read-write community…
WordPress API Bearer Auth plugin version 20181229 suffers from a cross site scripting vulnerability.