>> CATEGORY: exploit

Online Voting System version 1.0 suffers from an authorization bypass vulnerability that allows for the password change of other users.

Packed.Win32.Katusha.o suffers from an insecure permissions vulnerability.

Backdoor.Win32.MiniBlackLash malware suffers from a denial of service vulnerability.

Metasploit Framework version 6.0.11 msfvenom APK template command injection exploit.

EgavilanMedia PHPCRUD version 1.0 suffers from a persistent cross site scripting vulnerability.

CMSUno version 1.6.2 authenticated remote code execution exploit. The original discovery for the vulnerability leveraged is attributed to Fatih Celik in November of 2020.

jQuery UI version 1.12.1 suffers from a denial of service vulnerability.

Chamilo LMS version 1.11.14 suffers from a cross site scripting vulnerability.

WordPress SuperForms plugin version 4.9 suffers from a remote shell upload vulnerability.

This Metasploit module exploits two vulnerabilities, that when chained allow an attacker to achieve unauthenticated remote code execution in Micro Focus UCMDB. UCMDB included in versions 2020.05 and below of…