Tag: 0day

[webapps] AVCON6 systems management platform – OGNL Remote Command Execution

[local] Windows 10 – UAC Protection Bypass Via Windows Store (WSReset.exe) (Metasploit)

[webapps] WordPress Plugin Photo Gallery 1.5.34 – Cross-Site Scripting

[webapps] WordPress Plugin Photo Gallery 1.5.34 – SQL Injection

[webapps] WordPress Plugin Photo Gallery 1.5.34 – Cross-Site Scripting (2)

[remote] LibreNMS – Collectd Command Injection (Metasploit)

[remote] October CMS – Upload Protection Bypass Code Execution (Metasploit)

[local] Windows 10 – UAC Protection Bypass Via Windows Store (WSReset.exe) and Registry (Metasploit)

[webapps] Dolibarr ERP-CRM 10.0.1 – 'elemid' SQL Injection

[webapps] WordPress 5.2.3 – Cross-Site Host Modification