>> CATEGORY: exploit

ReadyTalk Avian JVM versions 1.2.0 before 27th October 2020 suffer from a FileOutputStream.write() integer overflow vulnerability.

This Metasploit module exploits a local file inclusion vulnerability in Citrix ADC Netscaler.

This Metasploit module performs an authentication brute forcing attack against the panel in Bludit version 3.9.2.

This Metasploit module exploits a code execution vulnerability within the ASUS TM-AC1900 router as an authenticated user. The vulnerability is due to a failure filter out percent encoded newline characters…

WordPress Good LMS plugin versions 2.1.4 and below suffer from a remote SQL injection vulnerability.

Water Billing System version 1.0 suffers from a remote SQL injection vulnerability.

This Metasploit module exploits an authentication bypass and command injection in SaltStack Salt’s REST API to execute commands as the root user. The following versions have received a patch: 2015.8.10,…

Joomla Simple Image Gallery Extended (SIGE) extension versions 3.4.1-FREE and 3.5.3-PRO suffer from cross site scripting and remote file inclusion vulnerabilities.

CMSUno version 1.6.2 user remote code execution exploit. This is a variant of the vulnerability discovered by the same researcher in November of 2020.