Vanguard version 2.1 suffers from multiple cross site scripting vulnerabilities.
>> CATEGORY: exploit
Bolt CMS version 3.7.0 suffers from an authenticated remote code execution vulnerability.
pfSense version 2.4.4-P3 suffers from a User Manager persistent cross site scripting vulnerability.
This Metasploit module exploits a preauth Server-Side Template Injection vulnerability that leads to remote code execution in PlaySMS before version 1.4.3. This issue is caused by double processing a server-side…
This Metasploit module exploits a vulnerability found in Pandora FMS 7.0NG and lower. net_tools.php in Pandora FMS 7.0NG allows remote attackers to execute arbitrary OS commands.
A vulnerability exists within the Microsoft Server Message Block 3.1.1 (SMBv3) protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw…
LimeSurvey version 4.1.11 suffers from a Survey Groups persistent cross site scripting vulnerability.
This Metasploit module exploits command injection vulnerability in v-list-user-backups bash script file. Low privileged authenticated users can execute arbitrary commands under the context of the root user. An authenticated attacker…
The Windows “net use” network logon type-3 command does not prompt for authentication when the built-in Administrator account is enabled and both remote and originating systems suffer from password reuse….
Pandora FMS version 7.0NG suffers from a net_tools.php remote code execution vulnerability.