>> TAG: #remote exploit

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 – Hidden Backdoor Account (Write Access)

WordPress Plugin TranslatePress 2.0.8 – Stored Cross-Site Scripting (XSS) (Authenticated)

WordPress Plugin Contact Form 1.7.14 – Reflected Cross-Site Scripting (XSS)

WordPress Plugin Ultimate Maps 1.2.4 – Reflected Cross-Site Scripting (XSS)

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 – ‘Add Admin’ Cross-Site Request Forgery (CSRF)

WordPress Plugin Popup 1.10.4 – Reflected Cross-Site Scripting (XSS)

Apache James Server 2.3.2 – Remote Command Execution (RCE) (Authenticated) (2)

WordPress Plugin Wappointment 2.2.4 – Stored Cross-Site Scripting (XSS)

Ether_MP3_CD_Burner 1.3.8 – Buffer Overflow (SEH)

Library System 1.0 – ‘student_id’ SQL injection (Authenticated)