ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password
Authored by T. Weber, S. Robertz | Site sec-consult.com
ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.
Change...
Wondershare Driver Install Service Help 10.7.1.321 Unquoted Service Path
Authored by Luis Sandoval
Wondershare Driver Install Service Help version 10.7.1.321 suffers from an unquoted service path vulnerability.
Change Mirror Download
# Exploit Title: Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService'...
osCommerce 2.3.4.1 Cross Site Scripting
Authored by Emre Aslan
osCommerce version 2.3.4.1 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting# Date: 2020-11-19# Exploit Author:...
SyncBreeze 10.0.28 Remote Buffer Overflow
Authored by Abdessalam King
SyncBreeze version 10.0.28 suffers from a remote buffer overflow vulnerability.
Change Mirror Download
# Exploit Title: SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow# Date: 18-Sep-2020# Exploit Author: Abdessalam...
WordPress Simple File List Unauthenticated Remote Code Execution
Authored by h00die, coiffeur | Site metasploit.com
This Metasploit module exploits WordPress Simple File List plugin versions prior to 4.2.3, which allows remote unauthenticated attackers to upload files within a...
Kong Gateway Admin API Remote Code Execution
Authored by Graeme Robinson | Site metasploit.com
This Metasploit module uses the Kong admin API to create a route and a serverless function plugin that is associated with the route....
OpenMediaVault rpc.php Authenticated PHP Code Injection
Authored by Anastasios Stasinopoulos | Site metasploit.com
This Metasploit module exploits an authenticated PHP code injection vulnerability found in openmediavault versions before 4.1.36 and 5.x versions before 5.5.12 inclusive in...
Barco wePresent Insecure Firmware Image
Authored by Matthew Bergin, Jim Becher | Site korelogic.com
Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19 have firmware that does not perform verification of digitally signed firmware updates...
Boxoft Audio Converter 2.3.0 Buffer Overflow
Authored by Luis Martinez
Boxoft Audio Converter version 2.3.0 suffers from a buffer overflow vulnerability.
Change Mirror Download
# Exploit Title: Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow (SEH)# Discovery by:...
TP-Link TL-WA855RE V5_200415 Device Reset Authentication Bypass
Authored by malwrforensics
The TP-Link TL-WA855RE V5_200415 suffers from a flow where an unauthenticated attacker can reset the device and then set a new administrator password.
Change Mirror Download
# Exploit Title:...
