NetBSD mail.local(8) local root exploit that leverages a race condition as noted in NetBSD-SA2016-006.
This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware version 8.0.1.007 and below and Load Balancer Firmware versions 5.4.0.004 and below by exploiting…
This Metasploit module exploits a remote command execution vulnerability in the Barracuda Spam and Virus firewall firmware versions 5.1.3.007 and below by exploiting a vulnerability in the web administration interface…
TFTP server version 1.4 WRQ buffer overflow exploit with egghunter shellcode.
UPC Hungary devices all share the same administrative password, send it insecurely over the wire, and also use telnetd by default.
The Technicolor TC7200 suffers from session management issues and also uses a fixed password for backup file encryption. Proof of concept code included.
WordPress WooCommerce plugin version 2.6.2 suffers from a cross site scripting vulnerability.
WordPress Paid Memberships Pro plugin version 1.8.9.3 suffers from a cross site scripting vulnerability.
PHP versions 7.0.8, 5.6.23, and 5.5.37 suffer from an out-of-bounds write vulnerability in bzread().
The Compal CH7465LG-LC suffers from session management, denial of service, unauthenticated configuration change, and command injection vulnerabilities. Proof of concept included.