Web Based Quiz System version 1.0 suffers from a persistent cross site scripting vulnerability related to MCQ options.
>> CATEGORY: exploit
WiFi Mouse version 1.7.8.5 suffers from a remote code execution vulnerability.
Backdoor.Win32.RemoteManipulator.fdo malware suffers from an insecure permissions vulnerability.
VMware vCenter Server version 7.0 unauthenticated arbitrary file upload exploit.
Online Catering Reservation System version 1.0 suffers from an unauthenticated remote code execution vulnerability.
Covid-19 Contact Tracing System version 1.0 suffers from a remote code execution vulnerability.
Trojan-Spy.Win32.Stealer.osh malware suffers from an insecure permissions vulnerability.
Concrete5 version 8.5.4 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits an unauthenticated arbitrary file upload via an insecure POST request to Fortilogger. It has been tested on version 4.4.2.2 in Windows 10 Enterprise.
This archive contains all of the 189 exploits added to Packet Storm in February, 2021.