>> CATEGORY: exploit

An independent vulnerability laboratory researcher discovered a client-side cross site request forgery vulnerability in …

Yaws server version2.0 suffers from multiple cross site scripting vulnerabilities.

rpcinfo portmap DUMP call amplification distributed denial of service exploit.

IoT mDNS/DNS-SD QM amplification distributed denial of service exploit.

PDNS Manager from Git master 3bf4e28 (2016-12-12) through 2bb00ea (2017-05-22) suffer from a remote command execution vulnerability.

This Metasploit module exploits a SQL injection flaw in the login functionality for GoAutoDial version 3.3-1406088000 and below, and attempts to perform command injection. This also attempts to retrieve the…

OpenDreamBox version 2.0.0 suffers from a remote code execution vulnerability in the WebAdmin plugin.

CMS Made Simple versions 2.2.1 and below suffers from a local inclusion vulnerability.

eVestigator Forensic PenTester version 1 suffers from a remote code execution vulnerability via man-in-the-middle attacks.

DoorGets CMS version 7.0 suffers from an open redirect vulnerability.