LearnDash WordPress LMS plugin version 3.1.2 suffers from a cross site scripting vulnerability.
>> CATEGORY: exploit
This Metasploit module exploits an authentication bypass in the WordPress InfiniteWP Client plugin to log in as an administrator and execute arbitrary PHP code by overwriting the file specified by…
Vanilla Forum version 2.6.3 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits an ssdpcgi remote command execution vulnerability in D-Link devices.
This Metasploit module exploits a command injection in the MAIL FROM field during SMTP interaction with OpenSMTPD to execute code as the root user.
macOS and iOS suffer from an out-of-bounds read when processing DDS images with ImageIO.
This Metasploit module leverages the prnmngr.vbs script to add and delete printers. Multiple runs of this module may be required given successful exploitation is time-sensitive.
macOS and iOS suffer from an issue where kern_stack_snapshot_internal() shares non-zeroed kernel pages with userspace.
libx264 suffers from an out-of-bounds write when converting to H264.
ImageIO on macOS suffers from an issue where a heap out-of-bounds write occurs when processing JPEG images.