VxWorks version 6.8 suffers from an integer underflow vulnerability.
1f311cc4d1a16d238fc837c326c95ed3d599ea7c826e3ecb1485e5e7136216e4
GE Proficy HMI/SCADA CIMPLICITY version 8.2 local privilege escalation exploit.
cd3b42ca4b4ca79815a56e45f2e49d5edd59003f305f9e0c6d5e560593b0ca34
This Metasploit module exploits an authentication bypass and arbitrary file upload in Oracle Application Testing Suite (OATS), version 12.4.0.2.0 and unknown earlier versions, to upload and execute a JSP shell.
472df2245622a97749e8706f2ba968606decb46822546f51bf7cc6c5391ad65f
This Metasploit module exploits an arbitrary file upload vulnerability found in Advantech WebAccess 8.0. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the uploadImageCommon function in the UploadAjaxAction script allows unauthenticated callers to upload arbitrary code (instead of an image) to the server, which will then be executed under the high-privilege context of the IIS AppPool.
eb65f546694378db27ee102831851f498e62d4fb03e39ac60cfe0233903e6505