Slims CMS Senayan Library Management System version 7.0 suffers from a remote shell upload vulnerability.
>> CATEGORY: exploit
TinyMCE JBimages plugin versions 3.x from JustBoilMe suffers from an arbitrary file upload vulnerability.
WordPress WP-JS-External-Link-Info plugin version 2.2.0 suffers from an open redirection vulnerability.
WordPress Jssor-Slider plugin version 3.1.24 suffers from cross site request forgery and remote file upload vulnerabilities.
Zend Framework version 1.11.11 suffers from a database configuration file disclosure vulnerability.
Zend Framework ZF1 version 1.x suffers from a database configuration file disclosure vulnerability.
ZRECore version 1.3.1 suffers from a database configuration file disclosure vulnerability.
GetSimpleCMS version 3.3.13 suffers from an open redirection vulnerability.
runc versions prior to 1.0-rc6 (Docker < 18.09.2 host command execution proof of concept exploit.
This exploit bypasses access control checks to use a restricted API function (POST /v2/create-user) of the local snapd service. This queries the Ubuntu SSO for a username and public SSH…