>> CATEGORY: exploit

This Metasploit module exploits an input validation error on the log file extension parameter. It does not properly validate upper/lower case characters. Once this occurs, the application log file will…

This Metasploit module exploits an unauthenticated command injection in Cisco HyperFlex HX Data Platform’s /storfs-asup endpoint to execute shell commands as the Tomcat user.

Proof of concept exploit for a remote code execution vulnerability in Microsoft’s RDP service.

GetSimple CMS version 3.3.4 suffers from an information disclosure vulnerability.

Apache Airflow versions 1.10.10 and below suffer from a remote code execution vulnerability.

Intel Audio Service version 01.00.1080.0 suffers from an unquoted service path vulnerability.

Products.PluggableAuthService version 2.6.0 suffers from an open redirection vulnerability.

Backdoor.Win32.Delf.acz malware suffers from a buffer overflow vulnerability.

Seo Panel version 4.8.0 suffers from multiple cross site scripting vulnerabilities.

Thecus N4800Eco NAS server control panel suffers from a command injection vulnerability.