FileBrowser 2.17.2 Code Execution / Cross Site Request Forgery
FileBrowser versions 2.17.2 and below suffer from a cross site request forgery vulnerability that can lead to remote code execution.
View ArticleWordPress Security Audit 1.0.0 Cross Site Scripting
WordPress Security Audit plugin version 1.0.0 suffers from a persistent cross site scripting vulnerability.
View ArticleWordPress CP Blocks 1.0.14 Cross Site Scripting
WordPress CP Blocks plugin version 1.0.14 suffers from a persistent cross site scripting vulnerability.
View ArticleUbuntu Security Notice USN-5275-1
Ubuntu Security Notice 5275-1 - Ziming Zhang discovered that BlueZ incorrectly handled memory write operations in its gatt server. A remote attacker could possibly use this to cause BlueZ to crash...
View ArticleWordPress Contact Form Builder 1.6.1 Cross Site Scripting
WordPress Contact Form Builder plugin version 1.6.1 suffers from a cross site scripting vulnerability.
View ArticleWindows/x86 Locate kernel32 Base Address / Stack Crack Method Null Free...
171 bytes small Windows/x86 shellcode with a new method to find the kernel32 base address by walking down the stack and look for a possible Kernel32 address using a custom SEH handler. Each address...
View ArticleHotel Reservation System 1.0 SQL Injection
Hotel Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
View ArticleWordPress Simple Job Board 2.9.3 Local File Inclusion
WordPress Simple Job Board plugin version 2.9.3 suffers from a local file inclusion vulnerability.
View ArticleUbuntu Security Notice USN-4754-5
Ubuntu Security Notice 4754-5 - USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for...
View ArticleWing FTP Server 4.3.8 Remote Code Execution
Wing FTP Server versions 4.3.8 and below suffer from an authenticated remote code execution vulnerability.
View ArticlePHP Everywhere 2.0.3 Remote Code Execution
PHP Everywhere versions 2.0.3 and below suffer from multiple remote code execution vulnerabilities.
View ArticleStrapi CMS 3.0.0-beta.17.4 Privilege Escalation
This Metasploit module exploits the mishandling of a password reset in JSON for Strapi CMS version 3.0.0-beta.17.4 to change the password of a privileged user.
View ArticleTOR Virtual Network Tunneling Tool 0.4.6.10
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with...
View ArticleUbuntu Security Notice USN-5276-1
Ubuntu Security Notice 5276-1 - It was discovered that the NVIDIA graphics drivers incorrectly handled permissions in the kernel mode layer. A local attacker could use this issue to write to protected...
View ArticleQEMU Monitor HMP migrate Command Execution
This Metasploit module uses QEMU's Monitor Human Monitor Interface (HMP) TCP server to execute system commands using the migrate command. This module has been tested successfully on QEMU version 6.2.0...
View Article
