WordPress AccessPress Social Icons plugin version 1.8.2 suffers from a persistent cross site scripting vulnerability.
>> CATEGORY: exploit
This Metasploit module exploits local file inclusion and log poisoning vulnerabilities (CVE-2020-16152) in Aerohive NetConfig, version 10.0r8a build-242466 and older in order to achieve unauthenticated remote code execution as the…
This Metasploit module exploits local file inclusion and log poisoning vulnerabilities (CVE-2020-16152) in Aerohive NetConfig, version 10.0r8a build-242466 and older in order to achieve unauthenticated remote code execution as the…
Employee and Visitor Gate Pass Logging System version 1.0 suffers from a persistent cross site scripting vulnerability.
Employee Daily Task Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
Dolibarr ERP and CRM version 13.0.2 suffer from a persistent cross site scripting vulnerability.
Dolibarr ERP and CRM version 13.0.2 suffer from a remote code execution vulnerability.
This Metasploit module demonstrates that by removing the authentication exchange, an attacker can issue requests to the local OMI management socket that will cause it to execute an operating system…
A use after free vulnerability exists in the NtGdiResetDC() function of Win32k which can be leveraged by an attacker to escalate privileges to those of NT AUTHORITYSYSTEM. The flaw exists…
FormaLMS versions 2.4.4 and below suffer from an authentication bypass vulnerability.