>> CATEGORY: Security

RarmaRadio 2.72.8 – Denial of Service (PoC)

Gadget Works Online Ordering System 1.0 – ‘Category’ Persistent Cross-Site Scripting (XSS)

WordPress Plugin Cookie Law Bar 1.2.1 – ‘clb_bar_msg’ Stored Cross-Site Scripting (XSS)

DiskBoss Service 12.2.18 – ‘diskbsa.exe’ Unquoted Service Path

iDailyDiary 4.30 – Denial of Service (PoC)

Schlix CMS 2.2.6-6 – Arbitary File Upload And Directory Traversal Leads To RCE (Authenticated)

Microsoft Exchange 2019 – Unauthenticated Email Download (Metasploit)

DELL dbutil_2_3.sys 2.3 – Arbitrary Write to Local Privilege Escalation (LPE)

Spotweb 1.4.9 – DOM Based Cross-Site Scripting (XSS)

Mozilla Firefox 88.0.1 – File Extension Execution of Arbitrary Code