This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin versions from 7.0.0 through 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including…
>> CATEGORY: exploit
Android version 2.0 exploit for FreeCIV versions 2.2 before 2.2.1 and 2.3 before 2.3.0 that achieves root.
VMware vCenter server versions 6.5, 6.7, and 7.0 unauthenticated remote code execution exploit.
Backdoor.Win32.ReverseTrojan.200 malware suffers from an authentication bypass vulnerability.
Trojan.Win32.SecondThought.ak malware suffers from an insecure permissions vulnerability.
Adobe ColdFusion 8 remote command execution exploit.
Trojan.Win32.Banpak.kh malware suffers from an insecure permissions vulnerability.
Huawei DG8045 ships with a default password that is the last 8 character of the device’s serial number listed on the back.
TP-Link TL-WR841N suffers from a remote command injection vulnerability.
Trojan-Dropper.Win32.Juntador.a malware suffers from having a weak hardcoded password.