ZTE ZXHN H108N R1A and ZXV10 W300 routers suffer from path traversal, information disclosure, improper authorization, and hard-coded credential vulnerabilities.
>> AUTHOR: deepcore
Atlassian Bamboo remote code execution exploit that leverages the java deserialization vulnerability as noted in CVE-2015-6576.
Traffic CMS version 1.4.x suffers from a local file inclusion vulnerability.
This Metasploit module exploits a SQL injection vulnerability found in Joomla versions 3.2 up to 3.4.4. The vulnerability exists in the Content History administrator component in the core of Joomla….
ZTE ADSL ZXV10 W300 modems suffer from insufficient authorization controls, information disclosure, and a backdoor account feature.
SHAREit WebShare version 2.3.80 suffers from a cross site request forgery vulnerability.
Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privsec. WfsDelay is set to 24h, since this is how often a chkrootkit scan is…
Cambium ePMP 1000 suffers from a remote OS command injection and privilege escalation vulnerabilities.
There is an integer overflow issue in sanity checking section lengths when parsing the vcdiff format (used in SDCH content encoding). This results in the parser parsing outside of sane…
SuperScan version 4.1 suffers from multiple buffer overflow vulnerabilities. Three exploits included.