>> CATEGORY: exploit

This Metasploit module exploits two vulnerabilities to execute a command as an elevated user. The first (CVE-2019-1405) uses the UPnP Device Host Service to elevate to NT AUTHORITYLOCAL SERVICE. The…

This Metasploit exploit module illustrates how a vulnerability could be exploited in a linux command for privilege escalation.

This Metasploit exploit module illustrates how a vulnerability could be exploited in a webapp.

OpenMRS is an open-source platform that supplies users with a customizable medical record system. There exists an object deserialization vulnerability in the webservices.rest module used in OpenMRS Platform. Unauthenticated remote…

Zendesk SweetHawk Survey version 1.6 suffers from a persistent cross site scripting vulnerability.

NopCommerce version 4.2.0 suffers from a privilege escalation vulnerability.

The Xerox AltaLink C8035 Printer suffers from a cross site request forgery vulnerability.

Tautulli version 2.1.9 suffers from a cross site request forgery vulnerability.

Serv-U FTP Server version 15.1.7 suffers from a persistent cross site scripting vulnerability leveraging the Email parameter.

Netgear R6400 suffers from a remote code execution vulnerability.