WordPress Ecwid Ecommerce Shopping Cart plugin versions 6.10.23 and below suffer from a cross site request forgery vulnerability.
4d8603e0293338606a482d16c657252dae8f29113703208bc7aafca598be3ca6
Backdoor.Win32.Bushtrommel.122 malware suffers from an unauthenticated remote command execution vulnerability.
cf89785b492c836d6c244e6fc3290bceee66fd68edf28a7400e7d2792d8b6e34
Backdoor.Win32.Bushtrommel.122 malware suffers from an authentication bypass vulnerability.
d7fc922486275581f2cf458522575af4443622981bf09a3aaadddd603ff38990
Online Admission System version 1.0 suffers from a remote SQL injection vulnerability.
9f6552806e7f79bf6438a86513e24999dcff366eebb104a253377d13284fc82e
WordPress Testimonial Slider and Showcase plugin version 2.2.6 suffers from a persistent cross site scripting vulnerability.
25ecbf595ef86f9db782f57ba84d4478ef9c33a63a205a448ca3413ea4fe1f09
VMware Workspace ONE Access contains a vulnerability whereby the horizon user can escalate their privileges to those of the root user by modifying a file and then restarting the vmware-certproxy service which invokes it. The service control is permitted via the sudo configuration without a password.
84c0696cc53d2e4bd749c04b694cbb8ae3676b266a9d0e92ecb77d88dc2558c3
The WebGL implementation for setting uniform values with an ArrayBuffer argument do not properly handle large buffer sizes. As WASM now allows allocating large ArrayBuffers, this can lead to buffer overflows when writing to the GPU command buffer.
0bdf6d06a281ed2823e5f46ea472615509e7f1f676d5bd3238d8cfd3b783d262
Backdoor.Win32.Jokerdoor malware suffers from a buffer overflow vulnerability.
b1a0f0eda16637855c7124025a9bba474d285060035c7ace064b81d352be6595
WordPress Download Manager plugin versions 3.2.50 and below suffer from an arbitrary file deletion vulnerability.
81394c472063bd99c8767e0198e8bc71d4dc98bfdea27535691be0ffd873ac59
This Metasploit module exploits a Java deserialization vulnerability in Zoho ManageEngine Pro before 12101 and PAM360 before 5510. Unauthenticated attackers can send a crafted XML-RPC request containing malicious serialized data to /xmlrpc to gain remote command execution as the SYSTEM user.
ed156b4196a5a0b6a6fd8e554208ebb6ce6da15417fc57d837d2b7e65c35c174
MobileIron Core is affected by the Log4Shell vulnerability whereby a JNDI string sent to the server will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the tomcat user. This Metasploit module will start an LDAP server that the target will need to connect to.
d15ef16680da0566fc6f0cd17aa36d661420fd2c8fbf3f002025e66fc8acc462
Multi-Language Hotel Management 2022 version 1.0 suffers from a remote SQL injection vulnerability.
0c11ae5ed3c1b7202d2009cb0d1807126f6bde6b8e241059c3663ab7153e0cf7
IObit Malware Fighter version 9.2 fails to provide sufficient anti-tampering protection and that shortcoming can be leveraged to escalate to SYSTEM privileges.
c6e27a8d7b7645ace9a03e1d2218ca5e5bdc9d279978795484de8145fd043895
uftpd versions 2.7 through 2.10 suffer from an authenticated directory traversal vulnerability.
49eb3cd8623927e2347974445c0565c0ed3386c36a6f12fc4e148713a5029fd8
Backdoor.Win32.Destrukor.20 malware suffers from an unauthenticated remote command execution vulnerability.
b2929297a27431a955030b6a10960d07ffdcbdeb69b274c81b62bcbd3f78ab50
Omnia MPX version 1.5.0+r1 suffers from a path traversal vulnerability.
255a6f7727bdeaa16975148c3367339b2e812a601460e5e6e74bd1dfbe0dd441
NanoCMS version 0.4 suffers from an authenticated remote code execution vulnerability.
f89daed79ee49f4e3db2c1bf5807bdc8863a2487fd65d3b7f4724e51f4fe642d
CuteEditor For PHP version 6.6 suffers from a directory traversal vulnerability.
7af1d2df53c59d35bae895eb4619ecd262232aacf7df548b05790ea206f4dec7
Backdoor.Win32.Destrukor.20 malware suffers from authentication bypass and code execution vulnerabilities.
094948131e62030329dfa1f6e0d5cc98ee61866dcecf381f4a6aa14f046758b4
mPDF version 7.0 suffers from a local file inclusion vulnerability.
d9e2013ea0d6ee6260c03fe9651f945af86d37023bb012c16b218a5ba2c4c1f8
WordPress Duplicator plugin versions 1.4.6 and below suffer from a backup disclosure vulnerability.
f52c96d84b29854a0f446a858b2b7641046268ef68ba2be7b21b09aeeced427a
WordPress Duplicator plugin versions 1.4.7 and below suffer from an information disclosure vulnerability.
38cd46e9b0883e90c68e55e1459081b405275c6a3e9b4953e7114d5f941826d0
Webmin version 1.996 suffers from an authenticated remote code execution vulnerability.
a89c83a46baf912bad79b59cea2c4954e3ac100a48e421ae4b7e8c04fc532526
CodeIgniter CMS version 4.2.0 suffers from a remote SQL injection vulnerability.
95b28e947fb52c82785b9e221438f8e9b78449cd4019acccc826a0cac2e8875e
Easy Chat Server version 3.1 remote stack buffer overflow exploit.
0ebd0c06f51730b5778c3be7b61402fad0ad14c7456fbd98a0605d0b61bffa49