PHP version 8.1.0-dev unauthenticated remote command execution proof of concept exploit that leverages the backdoor.
The document in this archive illustrates using the included proof of concept exploit to achieve root on Ubuntu systems using a flaw in the OverlayFS file system. The exploit itself…
Backdoor.Win32.WinShell.a malware suffers from a code execution vulnerability.
IPS Community Suite versions 4.5.4.2 and below suffer from a PHP code injection vulnerability. The vulnerability exists because the IPScmsmodulesfrontpages_builder::previewBlock() method allows to pass arbitrary content to the IPS_Theme::runProcessFunction() method,…
http://watluanglocal.go.th notified by Dhen Bhocil
ProjeQtOr Project Management 9.1.4 – Remote Code Execution
CHIYU TCP/IP Converter devices – CRLF injection
CHIYU IoT devices – ‘Multiple’ Cross-Site Scripting (XSS)
WordPress Plugin WP Prayer version 1.6.1 – ‘prayer_messages’ Stored Cross-Site Scripting (XSS) (Authenticated)
Ubee EVW327 – ‘Enable Remote Access’ Cross-Site Request Forgery (CSRF)