This Metasploit module leverages a flaw in runc to escape a Docker container and get command execution on the host as root. This vulnerability is identified as CVE-2019-5736. It overwrites…
This archive contains all of the 217 exploits added to Packet Storm in June, 2021.
WinWaste.NET 1.0.6183.16475 – Privilege Escalation due Incorrect Access Control
b2evolution 7.2.2 – ‘edit account details’ Cross-Site Request Forgery (CSRF)
AKCP sensorProbe SPX476 – ‘Multiple’ Cross-Site Scripting (XSS)
WordPress Plugin Modern Events Calendar 5.16.2 – Remote Code Execution (Authenticated)
Scratch Desktop 3.17 – Cross-Site Scripting/Remote Code Execution (XSS/RCE)
phpAbook version 0.9i suffers from a remote SQL injection vulnerability.
Doctors Patients Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability.