>> CATEGORY: exploit

Online Diagnostic Lab Management System version 1.0 suffers from a remote SQL injection vulnerability.

WordPress Frontend Uploader plugin version 1.3.2 suffers from a persistent cross site scripting vulnerability.

Crestron HD-MD4X2-4K-E version 1.0.0.2159 suffers from a credential disclosure vulnerability. When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are disclosed which are valid…

Libstagefright, the media framework on Android, suffers from an out-of-bounds write vulnerability on the heap.

This Metasploit module will exploit an HTTP end point with the Log4Shell vulnerability by injecting a format message that will trigger an LDAP connection to Metasploit and load a payload….

Microsoft Windows suffers from a registration file dialog spoofing vulnerability and their last fix to this issue can be bypassed.

Microsoft Windows Defender suffers from a detection bypass vulnerability due to a sub-par mitigation priorly adopted.

Backdoor.Win32.Controlit.10 malware suffers from a code execution vulnerability.