The Moodle Atto Editor, which does not have versions, suffers from a cross site scripting vulnerability.
>> CATEGORY: exploit
Backdoor.Win32.Kwak.12 malware suffers from bypass and man-in-the-middle vulnerabilities.
Backdoor.Win32.Kwak.12 malware suffers from a denial of service vulnerability.
Development Kamel KCFinder version 1.7 suffers from a remote shell upload vulnerability.
Regis Inventory and Monitoring System version 1.0 suffers from a persistent cross site scripting vulnerability.
GetSimple CMS Custom JS plugin version 0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
Backdoor.Win32.Kwak.12 malware suffers from bypass and code execution vulnerabilities.
Multiple TP-Link devices suffer from an unauthenticated persistent cross site scripting vulnerability. Affected models include TD-W9977, TL-WA801ND, TL-WA801N, TL-WR802N, and Archer-C3150.
Backdoor.Win32.Kwak.12 malware suffers from a bypass vulnerability.
This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager (SolMan) running version 7.2. The vulnerability occurs due to missing authentication checks when submitting…