This Metasploit module exploits a remote code execution vulnerability in the Struts Showcase app in the Struts 1 plugin example in Struts 2.3.x series. Remote code execution can be performed…
>> CATEGORY: exploit
This Metasploit module exploits a vulnerability in Jenkins. An unsafe deserialization bug exists on the Jenkins, which allows remote arbitrary code execution via HTTP. Authentication is not required to exploit…
RS Authentication Manager versions prior to 8.3 P1 suffer from cross site scripting and XML external entity injection vulnerabilities.
Monstra CMS version 3.0.4 suffers from a shell upload remote code execution vulnerability.
2345 Security Guard version 3.7 suffers from a denial of service vulnerability related to 2345NsProtect.sys.
WordPress WP ULike plugin versions 2.8.1 and 3.1 suffer from a persistent cross site scripting vulnerability.
WordPress WP ULike plugin versions 2.8.1 and 3.1 suffer from an arbitrary data deletion vulnerability.
Signal Desktop suffers from an HTML injection vulnerability.
Totemomail Encryption Gateway version 6.0.0_Build_371 suffers from a JSONP hijacking vulnerability.
Microsoft Windows suffers from a token process trust SID access check bypass elevation of privilege vulnerability.