>> CATEGORY: exploit

Chrome OS suffers from a /sbin/crash_reporter symlink traversal vulnerability.

Chamilo LMS version 1.11.8 suffers from a cross site scripting vulnerability.

The Linux kernel suffers from a ptr leak via BPF due to a broken subtraction check.

This Metasploit module utilizes the Net-NTLMv2 reflection between DCOM/RPC to achieve a SYSTEM handle for elevation of privilege. Currently the module does not spawn as SYSTEM, however once achieving a…

Netis ADSL Router DL4322D RTK 2.1.1 suffers from a cross site request forgery vulnerability.

This Metasploit module exploits insufficient sanitization in the database::protect method, of Navigate CMS versions 2.8 and prior, to bypass authentication. The module then uses a path traversal vulnerability in navigate_upload.php…

This Metasploit module exploits a stack buffer overflow in Zahir Enterprise Plus version 6 build 10b and below. The vulnerability is triggered when opening a CSV file containing CR/LF and…

It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker…

Claromentis Discuss module version 1.2.1 suffers from a stored cross site scripting vulnerability.

An independent vulnerability researcher of the laboratory discovered a local buffer overflow vulnerability in the Easy F…