>> CATEGORY: exploit

ICSiteBuilder version 1.1 suffers from a remote SQL injection vulnerability.

Carel PlantVisor version 2.4.4 suffers from a directory traversal vulnerability.

This Metasploit module exploits a stack based buffer overflow vulnerability found in Dameware Mini Remote Control v4.0. The overflow is caused when sending an overly long username to the DWRCS…

This Metasploit module exploits a file upload vulnerability found within Cloudview NMS versions prior to 2.00b. The vulnerability is triggered by sending specialized packets to the server with directory traversal…

This Metasploit module exploits a command injection vulnerability found within the sync_rserver function in Util.pm. The vulnerability is triggered due to an incomplete blacklist during the parsing of the $uuid…

Proof of concept exploit for a Microsoft Windows .NET Framework remote code execution vulnerability. It spawns mspaint.

This Metasploit module exploits a vulnerability found in Cloudview NMS server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file…

ACG (Arbitrary Code Guard) in Microsoft Edge is bypassable. The bypass has been tested on Microsoft Edge 40.15063.0.0 running on Windows 10 Enterprise 64-bit with Creators Update (Version 1703, OS…

Mako Web Server suffers from file disclosure, remote command execution, and server-side request forgery vulnerabilities.

IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 (including Cloud version 11.5) suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities.