Moxa EDR-810 suffers from command injection and information disclosure vulnerabilities.
>> CATEGORY: exploit
Rocket.Chat version 2.1.0 suffers from a cross site scripting vulnerability.
IObit Uninstaller version 9.1.0.8 suffers from an IObitUnSvr unquoted service path vulnerability.
WordPress Sliced Invoices plugin versions 3.8.2 and below suffer from a remote SQL injection vulnerability.
WordPress Sliced Invoices plugin versions 3.8.2 and below suffer from a cross site scripting vulnerability.
This Metasploit module exploits an issue in ptrace_link in kernel/ptrace.c before Linux kernel 5.1.17. This issue can be exploited from a Linux desktop terminal, but not over an SSH session,…
This Metasploit module exploits a vulnerability in xscreensaver versions since 5.06 on unpatched Solaris 11 systems which allows users to gain root privileges. xscreensaver allows users to create a user-owned…
This Metasploit module exploits a PHP object injection vulnerability in Joomla version 3.4.6.
This Metasploit module attempts to gain root privileges with SUID Xorg X11 server versions 1.19.0 up to 1.20.3. A permission check flaw exists for -modulepath and -logfile options when starting…
This Metasploit module exploits a vulnerability in Total.js CMS. The issue is that a user with admin permission can embed a malicious JavaScript payload in a widget, which is evaluated…