OpenEDX platform Ironwood version 2.5 suffers from a remote code execution vulnerability.
AbsoluteTelnet version 11.21 suffers from multiple denial of service vulnerabilities.
Forma.LMS version 5.6.40 suffers from a cross-site request forgery vulnerability.
This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3…
Gym Management System version 1.0 suffers from an unauthenticated remote code execution vulnerability.
VUPlayer version 2.49 .m3u local buffer overflow exploit with DEP and ASLR.
In 2005, three vulnerabilities were discovered in qmail but were never fixed because they were believed to be unexploitable in a default installation. Qualys recently re-discovered these vulnerabilities and were…
Druva inSync Windows Client version 6.6.3 suffers from a local privilege escalation vulnerability.
This Metasploit module exploits a vulnerability found in Synology DiskStation Manager (DSM) versions prior to 5.2-5967-5, which allows the execution of arbitrary commands under root privileges after website authentication. The…
This Metasploit module exploits a ViewState .NET deserialization vulnerability in web-based MS SQL Server management tool myLittleAdmin, for version 3.8 and likely older versions, due to hardcoded machineKey parameters in…