This Metasploit module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw…
>> CATEGORY: exploit
This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off by…
PHP Melody version 2.7.3 suffers from cross site scripting and SQL injection vulnerabilities.
Complain Management System suffers from hard-coded credential and remote SQL injection vulnerabilities.
ClipShare version 7.0 suffers from a remote SQL injection vulnerability.
Apache Tomcat versions prior to 7.0.8, 8.0.47, 8.5.23, and 9.0.1 (Beta) JSP upload bypass and code execution exploit.
The PostgreSQL 10 installer for Windows suffers from a dll hijacking vulnerability.
Subaru’s suffer from an issue where the rolling code used by the keyfob and car is predictable in the sense that it is not random. It is simply incremental. An…
IBM Notes versions 8.5 and 9.0 encodeURI denial of service exploit.
WordPress TR Easy Google Analytics plugin version 1.0.0 suffers from a cross site scripting vulnerability.