The Windows Explorer Preview Pane feature allows for spoofing of links contained in an HTML based file because upon moving the mouse over the link nothing happens and it cannot…
>> CATEGORY: exploit
Backdoor.Win32.FTP.Simpel.12 malware uses MD5 with no salt for password storage.
Terramaster F4-210 and F2-210 chained exploit that performs session crafting to achieve escalated privileges that then allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.x are affected.
This Metasploit module exploits CVE-2021-44077, an unauthenticated remote code execution vulnerability in ManageEngine ServiceDesk Plus, to upload an EXE (msiexec.exe) and execute it as the SYSTEM account. Note that build…
Accu-Time Systems MAXIMUS version 1.0 telnetd buffer overflow exploit that causes a denial of service condition.
WBCE CMS versions 1.5.1 and below suffer from an administrative password reset vulnerability.
Exponent CMS version 2.6 suffers from cross site scripting and brute forcing vulnerabilities.
phpKF CMS version 3.00 Beta y6 unauthenticated remote code execution exploit.
Aver EVC300 firmware version 00.10.16.36 suffers from having multiple hard-coded secrets that can allow for access bypass.
Signup PHP Portal version 2.1 suffers from a remote shell upload vulnerability.