>> CATEGORY: exploit

Complaint Management System version 1.0 suffers from a remote shell upload vulnerability.

WordPress Fancy Product Designer for WooCommerce plugin versions prior to 4.5.1 suffer from a persistent cross site scripting vulnerability.

WordPress Fancy Product Designer for WooCommerce plugin versions 4.5.1 and below suffer from an unauthenticated arbitrary file upload vulnerability.

Avaya Web License Manager versions 6.x, 7.0 through 7.1.3.6, and 8.0 through 8.1.2.0.0 suffer from a blind out-of-band XML external entity injection vulnerability.

WordPress WP Forms plugin version 1.6.3.1 suffers from a persistent cross site scripting vulnerability.

Proof of concept exploit for the ZeroLogin Netlogon privilege escalation vulnerability.

Huawei LCD_Service version 1.0.1.0 suffers from an unquoted service path vulnerability.

Online Doctor Appointment Booking System PHP and MySQL version 1.0 suffers from a remote SQL injection vulnerability.

AIX version 5.3L libc local environment handling local root exploit. The AIX 5.3L (and possibly others) libc is vulnerable to multiple buffer overflow issues in the handling of locale environment…

Online News Portal versions released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.