This Metasploit module exploits SQL injection and command injection vulnerabilities in the ManageEngine Application Manager versions 14.2 and below.
>> CATEGORY: exploit
WebKit suffers from a universal cross site scripting vulnerability via XSLT and nested document replacements.
Steam Windows client local privilege escalation exploit.
Agent Tesla Botnet arbitrary code execution exploit.
TortoiseSVN version 1.12.1 suffers from a remote code execution vulnerability.
AZORult Botnet suffers from a remote SQL injection vulnerability.
msctf in the Text Services Framework suffers from multiple design flaws that can lead to things like UIPI bypass and interfering with processes.
NSKeyedUnarchiver suffers from an information leak when decoding the SGBigUTF8String class using [SGBigUTF8String initWithCoder:]. This class initializes the string using [SGBigUTF8String initWithUTF8DataNullTerminated:] even though there is no guarantee the bytes…
A vulnerability laboratory researcher (vxrl team) discovered a remote code execution vulnerability in the TortoiseSVN v1…
Master Data Online version 2.0 suffers from a cross site scripting vulnerability.