PHPFusion 9.03.50 – Remote Code Execution
>> AUTHOR: deepcore
PHPFusion 9.03.50 – Remote Code Execution
WordPress Plugin LifterLMS 4.21.0 – Stored Cross-Site Scripting (XSS)
https://www.doa.go.th/th/luv.htm notified by Alf404
An upgrade account is included in the IoT Controller OVA that provides the vendor undocumented access via Secure Copy (SCP).
Codiad version 2.8.4 suffers from a remote shell upload vulnerability.
RarmaRadio version 2.72.8 denial of service proof of concept exploit.
ProFTPd version 1.3.5 remote command execution exploit. This is a variant of the original vulnerability discovered in 2015 with credit going to R-73eN.
Skylight Cyber has identified a total of 13 vulnerabilities in Nagios XI and Nagios Fusion servers. These include remote code execution, cross site scripting, privilege escalation, and more.
Pluck CMS version 4.7.13 suffers from a remote shell upload vulnerability.
i-doit version 1.15.2 suffers from a cross site scripting vulnerability.