This Metasploit module exploits multiple vulnerabilities in Bolt CMS version 3.7.0 and 3.6.x in order to execute arbitrary commands as the user running Bolt. Valid credentials for a Bolt CMS…
Reside Property Management 3.0 – ‘profile’ SQL Injection
Victor CMS 1.0 – ‘user_firstname’ Persistent Cross-Site Scripting
BSA Radar version 1.6.7234.24750 suffers from a persistent cross site scripting vulnerability.
This document describes a stack overflow vulnerability that was found in October, 2019 and presented in the Pwn2Own Mobile 2019 competition in November 2019. The vulnerability is present in the…
The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to version 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations…
ASUS Aura Sync version 1.07.71 ene.sys privilege escalation kernel exploit.
This is a proof of concept exploit that takes advantage of a privilege escalation vulnerability in the Windows Print Spooler.
FHEM version 6.0 suffers from a local file inclusion vulnerability.
This Metasploit module exploits a cross site request forgery vulnerability in Online Student Enrollment System version 1.0 to perform a shell upload.