MiniDVBLinux versions 5.4 and below suffer from an unauthenticated live stream disclosure when /tpl/tv_action.sh is called and generates a snapshot in /var/www/images/tv.jpg through the Simple VDR Protocol (SVDRP).

Webile version 1.0.1 suffers from a directory traversal vulnerability.

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Spring Cloud Gateway versions 3.0.0 through 3.0.6 and 3.1.0. The vulnerability can be exploited when the Gateway Actuator endpoint…

This Metasploit module leverages a remote shell upload vulnerability in pfSense pfBlockerNG plugin versions 2.1.4_26 and below. Note that version 3.x is unaffected.

MiniDVBLinux version 5.4 suffers from an OS command injection vulnerability. This can be exploited to execute arbitrary commands with root privileges.

Backdoor.Win32.Redkod.d malware suffers from a hardcoded credential vulnerability.

WiFi File Transfer version 1.0.8 suffers from a cross site scripting vulnerability.

MiniDVBLinux version 5.4 suffers from an OS command execution vulnerability. This can be exploited to execute arbitrary commands as root through the command GET parameter in /tpl/commands.sh.

WordPress Photo Gallery plugin version 1.8.0 suffers from a cross site scripting vulnerability.

MiniDVBLinux versions 5.4 and below suffer from an arbitrary file disclosure vulnerability.