>> CATEGORY: exploit

This Metasploit module exploits a vulnerable sudo configuration that permits the Zimbra user to execute postfix as root. In turn, postfix can execute arbitrary shellscripts, which means it can execute…

This Metasploit module exploits an authentication bypass vulnerability in the Fortinet FortiOS, FortiProxy, and FortiSwitchManager API to gain access to a chosen account and then adds an SSH key to…

Intelbras WiFiber 120AC inMesh version 1.1-220216 suffers from an authenticated command injection vulnerability.

Joomla OSG Courts Reservation extension version 1.4.9 suffers from a remote SQL injection vulnerability.

Knap Advanced PHP Login version 3.1.3 suffers from a cross site scripting vulnerability.

Vicidial version 2.14-783a suffers from multiple cross site scripting vulnerabilities.

Garage Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

Stripe Green Downloads version 2.03 suffers from a cross site scripting vulnerability.

WordPress ImageMagick-Engine plugin versions 1.7.4 and below suffer from a remote code execution vulnerability.

The Windows Kernel suffers from integer overflow vulnerabilities in its registry subkey lists leading to memory corruption.