>> CATEGORY: exploit

LanSpy version 2.0.1.159 local buffer overflow exploit.

Rukovoditel Project Management CRM version 2.3.1 suffers from a remote code execution vulnerability.

There is an reference leak in Microsoft VBScript that can be turned into an use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions…

Starting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted Sites Zone by default. However, the…

The erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie, remote code execution is trivial. Usually, this cookie is named “.erlang.cookie”…

Transcend Wi-Fi SD Card 16GB with firmware 1.8 suffers from cross site request forgery and directory traversal vulnerabilities.

Everus.org Mobile Wallet version 1.0.9 suffers from an information disclosure vulnerability.

KARMA version 6.0.0 suffers from a remote SQL injection vulnerability.

This Module will generate and upload an executable to a remote host and then makes it a persistent service. It will create a new service which will start the payload…

WordPress Lumise plugin version 4.9 suffers from a database disclosure vulnerability.