Shenzhen Skyworth RN510 suffers from cross site request forgery and cross site scripting vulnerabilities.
>> AUTHOR: deepcore
This Metasploit module exploits an arbitrary config write/update vulnerability to achieve remote code execution. Unauthenticated users can execute a terminal command under the context of the web server user. Grav…
Schlix CMS 2.2.6-6 – ‘title’ Persistent Cross-Site Scripting (Authenticated)
Schlix CMS 2.2.6-6 – Remote Code Execution (Authenticated)
WordPress Plugin WP Super Edit 2.5.4 – Remote File Upload
Apple Security Advisory 2021-05-03-4 – macOS Big Sur 11.3.1 addresses code execution and integer overflow vulnerabilities.
Apple Security Advisory 2021-05-03-1 – iOS 14.5.1 and iPadOS 14.5.1 addresses code execution and integer overflow vulnerabilities.
Apple Security Advisory 2021-05-03-2 – iOS 12.5.3 addresses buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
Apple Security Advisory 2021-05-03-3 – watchOS 7.4.1 addresses a code execution vulnerability.
The Custom JS plugin version 0.1 for GetSimple CMS suffers from a cross site request forgery vulnerability that allows remote unauthenticated attackers to inject arbitrary client-side code into authenticated administrators…