WordPress Plugin WP Symposium Pro 2021.10 – ‘wps_admin_forum_add_name’ Stored Cross-Site Scripting (XSS)
>> TAG: #0day
WordPress Plugin AccessPress Social Icons 1.8.2 – ‘icon title’ Stored Cross-Site Scripting (XSS)
Xlight FTP 3.9.3.1 – Buffer Overflow (PoC)
Windows MultiPoint Server 2011 SP1 – RpcEptMapper and Dnschade Local Privilege Escalation
Mumara Classic 2.93 – ‘license’ SQL Injection (Unauthenticated)
YeaLink SIP-TXXXP 53.84.0.15 – ‘cmd’ Command Injection (Authenticated)
Apache HTTP Server 2.4.50 – Remote Code Execution (RCE) (3)
AbsoluteTelnet 11.24 – ‘Username’ Denial of Service (PoC)
AbsoluteTelnet 11.24 – ‘Phone’ Denial of Service (PoC)
FormaLMS 2.4.4 – Authentication Bypass