This Metasploit module exploits an authenticated remote code execution vulnerability in PRTG Network Monitor. Notifications can be created by an authenticated user and can execute scripts when triggered. Due to…
>> CATEGORY: exploit
Openlitespeed Web Server version 1.7.8 suffers from an authenticated command injection vulnerability.
Backdoor.Win32.Wollf.14 malware has a backdoor on TCP/7614 that does not require any authentication.
Backdoor.Win32.DarkKomet.apbb malware suffers from an insecure permissions vulnerability.
Constructor.Win32.SpyNet.a malware suffers from a remote password leak vulnerability.
Revive Adserver versions 5.1.0 and below suffer from multiple reflective cross site scripting vulnerabilities.
STVS ProVision version 5.9.10 suffers from an authenticated file disclosure vulnerability in archive.rb.
STVS ProVision version 5.9.10 suffers from a cross site request forgery vulnerability.
STVS ProVision version 5.9.10 suffers from an authenticated reflective cross site scripting vulnerability.
Qualys has released extensive research details regarding a heap-based buffer overflow vulnerability in sudo. The issue was introduced in July 2011 (commit 8255ed69), and affects all legacy versions from 1.8.2…