Movable Type 7 r.5002 – XMLRPC API OS Command Injection (Metasploit)
Movable Type 7 r.5002 – XMLRPC API OS Command Injection (Metasploit)
WebCTRL OEM 6.5 – ‘locale’ Reflected Cross-Site Scripting (XSS)
Umbraco v8.14.1 – ‘baseUrl’ SSRF
Umbraco v8.14.1 – ‘baseUrl’ SSRF
This Metasploit module exploits an SID-based command injection in Sophos UTM’s WebAdmin interface to execute shell commands as the root user.
Apple Security Advisory 2021-10-26-1 – iOS 15.1 and iPadOS 15.1 addresses buffer overflow, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write,…
Apple Security Advisory 2021-10-26-2 – iOS 14.8.1 and iPadOS 14.8.1 addresses code execution, information leakage, integer overflow, out of bounds write, and use-after-free vulnerabilities.
Apple Security Advisory 2021-10-26-3 – macOS Monterey 12.0.1 addresses buffer overflow, bypass, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write, and…
PHPGurukul Hostel Management System 2.1 – Cross-site request forgery (CSRF) to Cross-site Scripting (XSS)
WordPress Plugin Supsystic Contact Form 1.7.18 – ‘label’ Stored Cross-Site Scripting (XSS)