The Task Scheduler can be made to delete a task after it’s trigger has expired. No check is made to ensure the task file is not a junction which allows…
>> CATEGORY: exploit
WordPress Vertical Image Slider plugin version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
A vulnerability within the ndvbs module allows an attacker to inject memory they control into an arbitrary location they define. This vulnerability can be used to overwrite function pointers in…
This Metasploit module exploits an SEH overflow in Konica Minolta FTP Server 1.00. Konica Minolta FTP fails to check input size when parsing ‘CWD’ commands, which leads to an SEH…
WordPress ALO EasyMail Newsletter plugin version 2.6 suffers from cross site request forgery and cross site scripting vulnerabilities.
WordPress xPinner plugin version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
ZeusCart version 4.0 suffers from a cross site scripting vulnerability.
ZeusCart version 4.0 suffers from multiple remote SQL injection vulnerabilities.
WordPress WP-Shop plugin version 3.4.3.18 suffers from a cross site scripting vulnerability.
ManageEngine OpManager versions 11.5 and below suffer from SQL query protection bypass and has hard-coded credentials.