>> CATEGORY: exploit

This Metasploit module exploits an XML external entity vulnerability and a server side request forgery to get unauthenticated code execution on Zimbra Collaboration Suite. The XML external entity vulnerability in…

This Metasploit module allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit…

PHP version 7.2 suffers from an imagecolormatch() out-of-band heap write vulnerability.

Ashop Shopping Cart Software suffers from a remote SQL injection vulnerability in bannedcustomers.php.

TP-LINK models TL-WR940N and TL-WR941ND suffer from a buffer overflow vulnerability.

Loytec LGATE-902 versions prior to 6.4.2 suffer from cross site scripting, arbitrary file deletion, and directory traversal vulnerabilities.

EasyIO 30P versions prior to 2.0.5.27 suffer from authentication bypass and cross site scripting vulnerabilities.

Apache Axis version 1.4 suffers from a remote code execution vulnerability.

Microsoft Windows AppX deployment service privilege escalation exploit.

Dell KACE Systems Management Appliance (K1000) version 6.4.120756 unauthenticated remote code execution exploit.