This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin…
PHP 7.3.15-3 – ‘PHP_SESSION_UPLOAD_PROGRESS’ Session Data Injection
Customer Relationship Management System (CRM) 1.0 – Sql Injection Authentication Bypass
XOS Shop 1.0.9 – ‘Multiple’ Arbitrary File Deletion (Authenticated)
NoteBurner 2.35 – Denial Of Service (DoS) (PoC)
Leawo Prof. Media 11.0.0.1 – Denial of Service (DoS) (PoC)
Elasticsearch ECE 7.13.3 – Anonymous Database Dump
WordPress Simple Post plugin version 1.1 suffers from a persistent cross site scripting vulnerability.
Microsoft SharePoint Server 2019 remote code execution exploit.
ElasticSearch version 7.13.3 memory disclosure exploit.