Selenium 3.141.59 – Remote Code Execution (Firefox/geckodriver)
Selenium 3.141.59 – Remote Code Execution (Firefox/geckodriver)
Trixbox 2.8.0.4 – ‘lang’ Path Traversal
Trixbox 2.8.0.4 – ‘lang’ Remote Code Execution (Unauthenticated)
PHPFusion 9.03.50 – Remote Code Execution
WordPress Plugin LifterLMS 4.21.0 – Stored Cross-Site Scripting (XSS)
https://www.doa.go.th/th/luv.htm notified by Alf404
An upgrade account is included in the IoT Controller OVA that provides the vendor undocumented access via Secure Copy (SCP).
RarmaRadio version 2.72.8 denial of service proof of concept exploit.
Codiad version 2.8.4 suffers from a remote shell upload vulnerability.
ProFTPd version 1.3.5 remote command execution exploit. This is a variant of the original vulnerability discovered in 2015 with credit going to R-73eN.