Atlassian Jira Server/Data Center 8.16.0 – Reflected Cross-Site Scripting (XSS)
>> AUTHOR: deepcore
Atlassian Jira Server/Data Center 8.16.0 – Reflected Cross-Site Scripting (XSS)
WordPress Plugin YOP Polls 6.2.7 – Stored Cross Site Scripting (XSS)
VMware vCenter server versions 6.5, 6.7, and 7.0 unauthenticated remote code execution exploit.
Backdoor.Win32.ReverseTrojan.200 malware suffers from an authentication bypass vulnerability.
Trojan.Win32.SecondThought.ak malware suffers from an insecure permissions vulnerability.
Adobe ColdFusion 8 remote command execution exploit.
Trojan.Win32.Banpak.kh malware suffers from an insecure permissions vulnerability.
Huawei DG8045 ships with a default password that is the last 8 character of the device’s serial number listed on the back.
TP-Link TL-WR841N suffers from a remote command injection vulnerability.
Trojan-Dropper.Win32.Juntador.a malware suffers from having a weak hardcoded password.