An indepedent vulnerability laboratory researcher discovered a stored cross site scripting web vulnerability in the official CM Ad Changer v1.7.7 WordPress Plugin.
>> CATEGORY: exploit
The vulnerability laboratory core research team discovered a local memory corruption vulnerability in the official FlashFXP v5.3.0 windows software.
This Metasploit module exploits a stack buffer overflow in the Poison Ivy 2.1.x C&C server. The exploit does not need to know the password chosen for the bot/server communication.
IPFire, a free linux based open source firewall distribution, versions prior to 2.19 Update Core 101 contain a remote command execution vulnerability in the proxy.cgi page.
IPFire, a free linux based open source firewall distribution, versions 2.15 Update Core 82 and below contain an authenticated remote command execution vulnerability via shellshock in the request headers.
This Metasploit module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST…
There’s an integer overflow issue in get_node_path_locked in /system/bin/sdcard on Android, which results in a buffer overflow.
miniMySQLAdmin version 1.1.3 suffers from a cross site request forgery vulnerability.
ArticleSetup version 1.00 suffers from a cross site request forgery vulnerability.
phpMyFAQ version 2.9.0 suffers from a persistent cross site scripting vulnerability.