This Metasploit module will bypass UAC on Windows 8-10 by hijacking a special key in the Registry under the Current User hive, and inserting a custom command that will get…
>> CATEGORY: exploit
Quest KACE System Management Appliance version 8.0 (Build 8.0.318) suffers from code execution, cross site scripting, path traversal, remote SQL injection, and various other vulnerabilities.
JDA Warehouse Management System suffers from buffer overflow, code execution, cross site request forgery, XML external entity injection, file disclosure, remote SQL injection, and various other vulnerabilities.
JDA Connect suffers from cross site request forgery, JMX interface exposure, and command execution vulnerabilities.
ALFTP version 5.31 suffers from a local buffer overflow vulnerability.
Software Advice version 1.0 suffers from a cross site scripting vulnerability.
CloudMe Sync versions prior to 1.11.0 SEH buffer overflow exploit with DEP bypass.
wityCMS version 0.6.1 suffers from a cross site scripting vulnerability.
Joomla jCart for OpenCart component version 2.3.0.2 suffers from a cross site request forgery vulnerability.
www.engelvoelkers.com suffers from a cross site scripting vulnerability.