CSZ CMS version 1.2.9 suffers from an arbitrary file deletion vulnerability.
CSZ CMS version 1.2.9 suffers from an arbitrary file deletion vulnerability.
Ampache version 4.4.2 suffers from a cross site scripting vulnerability.
Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel’s filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local…
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress plugin Backup Guard versions prior…
This Metasploit module leverages an authentication bypass exploit within Sage X3 AdxSrv’s administration protocol to execute arbitrary commands as SYSTEM against a Sage X3 Server running an available AdxAdmin service.
WordPress KN Fix Your Title plugin version 1.0.1 suffers from a cross site scripting vulnerability.
Webmin version 1.973 cross site request forgery exploit that loads a reverse shell.
The default rules for the WFP connect layers permit certain executables to connect TCP sockets in AppContainers without capabilities leading to elevation of privilege.
Dell OpenManage Enterprise versions up to 3.6.1 suffer from multiple hard-coded credential issues, multiple privilege escalation, weak permissions, authentication bypass, and other vulnerabilities.
KevinLAB BEMS version 1.0 has an undocumented backdoor account and the sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the…