Showdoc 2.10.3 – Stored Cross-Site Scripting (XSS)
>> AUTHOR: deepcore
Showdoc 2.10.3 – Stored Cross-Site Scripting (XSS)
This Metasploit module exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability affecting Zyxel firewalls with zero touch provisioning (ZTP) support. By sending a malicious setWanPortSt command containing an mtu field…
Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities.
Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities.
F5 BIG-IP version 16.0.x remote code execution exploit.
Royal Event Management System version 1.0 suffers from a remote SQL injection vulnerability.
REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit…
TLR-2005KSH suffers from an arbitrary file deletion vulnerability.
AppleVideoDecoder suffers from an out-of-bounds free vulnerability. The attached video file contains a malformed HEVC Decoder Configuration Record that leads to an out-of-bounds free in CreateHeaderBuffer. When copying the VPS,…
College Management System version 1.0 suffers from a remote SQL injection vulnerability.