WordPress Learnpress plugin version 4.1.4.1 suffers from an arbitrary image renaming vulnerability.
This Metasploit module exploits an authentication bypass (CVE-2021-1472) and command injection (CVE-2021-1473) in the Cisco Small Business RV series of VPN/routers. The device does not adequately verify the credentials in…
This archive contains all of the 167 exploits added to Packet Storm in January, 2022.
Moodle 3.11.4 – SQL Injection
WordPress Plugin 404 to 301 2.0.2 – SQL-Injection (Authenticated)
WordPress Plugin Domain Check 1.0.16 – Reflected Cross-Site Scripting (XSS) (Authenticated)
CONTPAQi(R) AdminPAQ 14.0.0 – Unquoted Service Path
Mozilla Firefox 67 – Array.pop JIT Type Confusion
HackTool.Win32.Muzzer.a malware suffers from a buffer overflow vulnerability.
Backdoor.Win32.Tiny.c malware suffers from a code execution vulnerability.