WordPress version 5.0.4 with FormCraft plugin version 2.0 suffers from a cross site request forgery vulnerability that can be leveraged to perform a shell upload.
>> CATEGORY: exploit
WinMPG Video Convert versions 9.3.5 and below suffer from a local denial of service vulnerability.
WinAVI iPod/3GP/MP4/PSP Converter version 4.4.2 suffers from a local denial of service vulnerability.
TheCarProject version 2 suffers from a remote SQL injection vulnerability.
Gitea versions 1.7.0 through 1.7.3 suffer from a stored html injection vulnerability.
libseccomp suffers from an issue where there are incorrect compilations of arithmetic comparisons.
exacqVision version 9.8 suffers from an unquoted search path issue impacting the services exacqVisionServer, dvrdhcpserver and mdnsresponder for Windows deployed as part of exacqVision software application. This could potentially allow…
This Metasploit module exploits a vulnerability in Jenkins dynamic routing to bypass the Overall/Read ACL and leverage Groovy metaprogramming to download and execute a malicious JAR file. The ACL bypass…
Laundry CMS suffers from remote SQL injection and iframe injection vulnerabilities.
NetData versions 1.13.0 and below suffer from an html injection vulnerability.