Trojan.Win32.Agent.hsm malware suffers from an insecure permissions vulnerability.
>> CATEGORY: exploit
glFTPd version 2.11a remote denial of service exploit.
GetSimple CMS My SMTP Contact plugin versions 1.1.1 and below cross site request forgery to remote code execution exploit.
Simple Student Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Native Church Website version 1.0 suffers from a remote shell upload vulnerability.
Chrome V8 Javascript Engine remote code execution zero day exploit. Google is expected to release an update to their browser on tuesday 04/14/2021 that will address this vulnerability.
ExpressVPN VPN Router version 1.0 suffers from an integer overflow vulnerability.
This Metasploit module exploits a vulnerability in the getprofile.sh script of Nagios XI versions prior to 5.6.6 in order to upload a malicious check_ping plugin and thereby execute arbitrary commands….
The access limit check for non-local admins when accessing the SCM remotely can be bypassed by requesting MAXIMUM_ALLOWED, leading to gaining access to start services etc.
Blitar Tourism version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.