>> CATEGORY: exploit

osTicket version 1.14.1 has been found to be susceptible to multiple additional persistent cross site scripting vulnerabilities.

NOKIA VitalSuite SPM 2020 suffers from a remote SQL injection vulnerability.

EyouCMS version 1.4.6 suffers from a persistent cross site scripting vulnerability.

Online-Exam-System 2015 suffers from a remote SQL injection vulnerability.

QNAP QTS and Photo Station version 6.0.3 suffers from a remote command execution vulnerability.

The Firefox content processes do not sufficiently lockdown access control which can result in a sandbox escape.

This Metasploit module exploits a command execution in Pi-Hole versions 4.3.2 and below. A new DHCP static lease is added with a MAC address which includes a remote code execution…

BIND TSIG denial of service exploit.

WordPress Drag and Drop File Upload Contact Form plugin version 1.3.3.2 suffers from a remote shell upload vulnerability.

StreamRipper32 version 2.6 buffer overflow proof of concept exploit.