>> CATEGORY: exploit

MapTool version 1.11.5 suffers from a denial of service vulnerability.

MapTool version 1.11.5 suffers from a cross site scripting vulnerability.

Joomla Vik Appointments extension version 1.7.3 suffers from a cross site scripting vulnerability.

MiniDVBLinux versions 5.4 and below are vulnerable to an unauthenticated configuration download when a direct object reference is made to the backup function using an HTTP GET request.

MiniDVBLinux versions 5.4 and below allows the usage of the SVDRP protocol/commands to be sent by a remote attacker to manipulate and/or remotely control the TV.

MiniDVBLinux versions 5.4 and below root password changing proof of concept exploit.

Backdoor.Win32.DarkSky.23 malware suffers from a buffer overflow vulnerability.

MiniDVBLinux versions 5.4 and below suffer from an unauthenticated live stream disclosure when /tpl/tv_action.sh is called and generates a snapshot in /var/www/images/tv.jpg through the Simple VDR Protocol (SVDRP).

Webile version 1.0.1 suffers from a directory traversal vulnerability.

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Spring Cloud Gateway versions 3.0.0 through 3.0.6 and 3.1.0. The vulnerability can be exploited when the Gateway Actuator endpoint…