This Metasploit module exploits an unauthenticated arbitrary file upload via an insecure POST request to Fortilogger. It has been tested on version 4.4.2.2 in Windows 10 Enterprise.
986492d22038a772f87e46c47ea24f02
Concrete5 version 8.5.4 suffers from a persistent cross site scripting vulnerability.
31516dc5fe79d5bc6594c0c2b8bd9695
Trojan-Spy.Win32.Stealer.osh malware suffers from an insecure permissions vulnerability.
cd988557999568e9524b9a02af153c2d
Online Catering Reservation System version 1.0 suffers from an unauthenticated remote code execution vulnerability.
0bf36bbfde85c322826249f0163222b2
Covid-19 Contact Tracing System version 1.0 suffers from a remote code execution vulnerability.
596f3efb1cd2f8ac3d549ca46576b6f9
VMware vCenter Server version 7.0 unauthenticated arbitrary file upload exploit.
8dcbcd4aa0bd7cc8803e9bfffc6bc6cd
Backdoor.Win32.RemoteManipulator.fdo malware suffers from an insecure permissions vulnerability.
170a73b9758d66901b465b56ab98be6d
WiFi Mouse version 1.7.8.5 suffers from a remote code execution vulnerability.
950b1e2cd5d209774ace3de452474d88
Package Control suffers from an arbitrary file write vulnerability.
fc1001c8bbe8a7cae533f770aa149604
Microsoft DirectWrite suffers from a heap-based buffer overflow vulnerability in fsg_ExecuteGlyph while processing variable TTF fonts.
2de67da6a3c68e4e7554e5dc2ee4743e
Chrome suffers from an out-of-bounds read vulnerability in network DataElement struct traits.
73c96566e94e07ed3318c4a92b7a01b4
Trojan-Proxy.Win32.Delf.ai malware suffers from a buffer overflow vulnerability.
d801efd6518f2a50be0f527a939444fd
Doctor Appointment System version 1.0 suffers from multiple cross site scripting vulnerabilities.
d1bc4f64d40ffd8c1322e2df70eb569a
Trojan-Dropper.Win32.Daws.etlm malware suffers from a remote unauthenticated system reboot vulnerability.
f4fa7dd89d017221e4cde0c1b8849836
Online Catering Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
53624ef7c395d83227fd97f6182a148d
VisualWare MyConnection Server version 11.x suffers from a remote code execution vulnerability.
cf188679c13163fa44bbfe617632fcd1
Triconsole version 3.75 suffers from a cross site scripting vulnerability.
a9de50147d1db33c481d6e9971fbecdf
Zenphoto CMS versions 1.5.7 and below suffer from a remote shell upload vulnerability.
a2953bf434e2c790793df43f6311240f
Remote Desktop Web Access suffers form an authentication timing attack vulnerability.
d7a6d2ac9acd853edd93517eab0a4f55
Trojan.Win32.Hotkeychick.am malware suffers from an insecure permissions vulnerability.
466432b47b04405ef5ab3eec5f026a49
Backdoor.Win32.Azbreg.amw malware suffers from an insecure permissions vulnerability.
a003e0c2bf64c9974010a0c43521f787
Trojan-Spy.Win32.SpyEyes.elr malware suffers from an insecure permissions vulnerability.
1d3ccf2d50909515fefad225738601a6
Trojan-Dropper.Win32.Daws.etlm malware suffers from a remote unauthenticated system reboot vulnerability.
68c57accbf9d176f0f232920d6f0c18f
Squid versions 4.14 and 5.0.5 suffer from a double free vulnerability that can result in code execution.
39e3c8d3851cd1d104ba5b6e00b71d31
LightCMS version 1.3.4 suffers from a persistent cross site scripting vulnerability.
218527c3503c0a7e9b9b79cd460a1598