Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21 – Remote Code Execution
>> AUTHOR: deepcore
Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21 – Remote Code Execution
WonderCMS 3.1.3 – ‘uploadFile’ Stored Cross-Site Scripting
FrozenNode Laravel-Administrator 4 – Unrestricted File Upload (Authenticated)
Acronis Cyber Backup 12.5 Build 16341 – Unauthenticated SSRF
Moodle 3.8 – Unrestricted File Upload
Foxit Reader 9.0.1.1049 – Arbitrary Code Execution
Wondershare Driver Install Service Help version 10.7.1.321 suffers from an unquoted service path vulnerability.
osCommerce version 2.3.4.1 suffers from a persistent cross site scripting vulnerability.
SyncBreeze version 10.0.28 suffers from a remote buffer overflow vulnerability.
This Metasploit module exploits WordPress Simple File List plugin versions prior to 4.2.3, which allows remote unauthenticated attackers to upload files within a controlled list of extensions. However, the rename…