SyncBreeze version 10.0.28 suffers from a remote buffer overflow vulnerability.
>> CATEGORY: exploit
This Metasploit module exploits WordPress Simple File List plugin versions prior to 4.2.3, which allows remote unauthenticated attackers to upload files within a controlled list of extensions. However, the rename…
This Metasploit module uses the Kong admin API to create a route and a serverless function plugin that is associated with the route. The plugin runs Lua code and is…
This Metasploit module exploits an authenticated PHP code injection vulnerability found in openmediavault versions before 4.1.36 and 5.x versions before 5.5.12 inclusive in the “sortfield” POST parameter of the rpc.php…
nopCommerce Store version 4.30 suffers from a persistent cross site scripting vulnerability.
Apache OpenMeetings version 5.0.0 suffers from a denial of service vulnerability.
OpenCart version 3.0.3.6 suffers from multiple persistent cross site scripting vulnerabilities.
Seowon 130-SLC router version 1.0.11 suffers from a remote code execution vulnerability.
This Metasploit module exploits an unauthenticated command injection vulnerability found in ZeroShell version 3.9.0 in the “/cgi-bin/kerbynet” url. As sudo is configured to execute /bin/tar without a password (NOPASSWD) it…
ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.