WordPress Tevolution plugin version 2.3.1 suffers from a remote shell upload vulnerability.
>> CATEGORY: exploit
Microsoft Office Word 2013 and 2016 suffer from a sprmSdyaTop denial of service vulnerability as described in MS16-099.
Lepton CMS versions 2.2.0 and 2.2.1 suffer from a PHP code injection vulnerability.
SAP ABAP BASIS version 7.4 suffers from a hard-coded password vulnerability.
Lepton CMS versions 2.2.0 and 2.2.1 suffer from a directory traversal vulnerability.
Actiontec T2200H allows for command injection that provides a remote root reverse shell.
Junkware Removal Tool suffers from a dll hijacking vulnerability.
WordPress Magic Fields 1 plugin version 1.7.1 suffers from a persistent cross site scripting vulnerability.
WordPress Magic Fields 2 plugin version 2.3.2.4 suffers from a persistent cross site scripting vulnerability.
Pi-Hole version 2.8.1 with web interface version 1.3 suffers from a persistent cross site scripting vulnerability.