Batflat CMS version 1.3.6 suffers from multiple persistent cross site scripting vulnerabilities.
This Metasploit module uses job functionality in the Apache Flink dashboard web interface to upload and execute a JAR file, leading to remote execution of arbitrary Java code as the…
Apache MyFaces versions 2.2.13 and below, 2.3.7 and below, 2.3-next-M4 and below, and 2.1 and below suffer from a cross site request forgery vulnerability.
Trojan-Proxy.Win32.Daemonize.i malware suffers from a denial of service vulnerability.
Backdoor.Win32.Inject.tyq malware suffers from an insecure permissions vulnerability.
Trojan.Win32.Pincav.cmfl malware suffers from an insecure permissions vulnerability.
Backdoor.Win32.Ketch.h malware suffers from a buffer overflow vulnerability.
Trojan.Win32.Pluder.o malware suffers from an insecure permissions vulnerability.
Backdoor.Win32.DarkKomet.irv malware suffers from an insecure permissions vulnerability.
This is a whitepaper that details identifying cross site scripting vulnerabilities in both the Neo and Matrix LMS codebases.