WordPress Duplicator plugin version 1.4.7.1 suffers from a backup disclosure vulnerability.
>> CATEGORY: exploit
This Metasploit module exploits CVE-2022-28219, which is a pair of vulnerabilities in ManageEngine ADAudit Plus versions before build 7060. They include a path traversal in the /cewolf endpoint along with…
Thingsboard version 3.3.1 suffers from multiple persistent cross site scripting vulnerabilities.
Thingsboard version 3.3.1 suffers from multiple persistent cross site scripting vulnerabilities.
WordPress Testimonial Slider and Showcase plugin version 2.2.6 suffers from a persistent cross site scripting vulnerability.
Online Admission System version 1.0 suffers from a remote SQL injection vulnerability.
Backdoor.Win32.Bushtrommel.122 malware suffers from an unauthenticated remote command execution vulnerability.
Backdoor.Win32.Bushtrommel.122 malware suffers from an authentication bypass vulnerability.
WordPress Ecwid Ecommerce Shopping Cart plugin versions 6.10.23 and below suffer from a cross site request forgery vulnerability.
This Metasploit module creates a RAR file that can be emailed to a Zimbra server to exploit CVE-2022-30333. If successful, it plants a JSP-based backdoor in the public web directory,…