This Metasploit module creates a RAR file that can be emailed to a Zimbra server to exploit CVE-2022-30333. If successful, it plants a JSP-based backdoor in the public web directory,…
>> CATEGORY: exploit
WordPress Duplicator plugin version 1.4.7 suffers from a backup disclosure vulnerability.
WordPress Download Manager plugin versions 3.2.50 and below suffer from an arbitrary file deletion vulnerability.
Backdoor.Win32.Jokerdoor malware suffers from a buffer overflow vulnerability.
The WebGL implementation for setting uniform values with an ArrayBuffer argument do not properly handle large buffer sizes. As WASM now allows allocating large ArrayBuffers, this can lead to buffer…
VMware Workspace ONE Access contains a vulnerability whereby the horizon user can escalate their privileges to those of the root user by modifying a file and then restarting the vmware-certproxy…
VMware Workspace ONE Access contains a vulnerability whereby the horizon user can escalate their privileges to those of the root user by modifying a file and then restarting the vmware-certproxy…
Multi-Language Hotel Management 2022 version 1.0 suffers from a remote SQL injection vulnerability.
IObit Malware Fighter version 9.2 fails to provide sufficient anti-tampering protection and that shortcoming can be leveraged to escalate to SYSTEM privileges.
MobileIron Core is affected by the Log4Shell vulnerability whereby a JNDI string sent to the server will cause it to connect to the attacker and deserialize a malicious Java object….