| Latest Exploits |
| Showing 'Latest Exploits' from 11 to 20|
| |Drupal RESTful Web Services Unserialize() Remote Code Execution This Metasploit module exploits a PHP unserialize() vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT,...
| |Linux Virtual Address 0 Mappable Via Privilege Write() It was discovered that virtual address 0 is mappable via privileged write() to /proc/*/mem on Linux.
| |Android Getpidcon() ACL Bypass getpidcon() usage in hardware binder servicemanager on Android permits ACL bypass.
| |Android Binder Use-After-Free Android suffer from a binder use-after-free via a racy initialization of ->allow_user_free.
| |Splunk Enterprise 7.2.4 Remote Code Execution Splunk Enterprise version 7.2.4 custom application remote code execution exploit using a persistent backdoor with a custom binary payload.
| |Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 Remote Code Execution Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 remote code execution proof of concept exploit.
| |Booked Scheduler 2.7.5 Remote Command Execution This Metasploit module exploits a file upload vulnerability Booked 2.7.5. In the "Look and Feel" section of the management panel, you can modify the Logo-Favico-CSS files. Upload sections has file extension control except favicon part....
| |ElFinder 2.1.47 Command Injection elFinder versions 2.1.47 and below suffer from a command injection vulnerability in the PHP connector.
| |Fiberhome AN5506-04-F RP2669 Cross Site Scripting Fiberhome AN5506-04-F RP2669 suffers from a persistent cross site scripting vulnerability.
| |MarcomCentral FusionPro VDP Creator Directory Traversal MarcomCentral FusionPro VDP Creator versions prior to 10.0 suffer from a directory traversal vulnerability.
| « Newer 1 2 3 4 5 6 7 8 9 10 Older » |