Channel: Files from Heyder Andrade ≈ Packet Storm
Browsing all 11 articles

WordPress Block-Spam-By-Math-Reloaded Plugin Bypass

WordPress authentication brute force and user enumeration utility for Metasploit.




Polycom Web Management Interface Directory Traversal

The Polycom web management interface on model G3/HDX 8000 HD suffers from a directory traversal vulnerability.


Polycom Web Management Interface Command Injection

The Polycom web management interface on model G3/HDX 8000 HD suffers from a remote command injection vulnerability.


Google Chrome 21.0.1180.57 NULL Pointer

Google Chrome versions 21.0.1180.57 and below suffer from a NULL pointer vulnerability in InspectDataSource::StartDataRequest.


Ignition Remote Code Execution

Ignition versions prior to 2.5.2, as used in Laravel and other products, allow unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and...



Apache APISIX Remote Code Execution

Apache APISIX has a default, built-in API token that can be used to obtain full access to the admin API. Access to this API allows for remote Lua code execution through the script parameter added in...


F5 BIG-IP iControl Remote Code Execution

This Metasploit module exploits an authentication bypass vulnerability in the F5 BIG-IP iControl REST service to gain access to the admin account, which is capable of executing commands through the...


JBOSS EAP/AS 6.x Remote Code Execution

An unauthenticated attacker with network access to the JBOSS EAP/AS versions 6.x and below Remoting Unified Invoker interface can send a serialized object to the interface to execute code on vulnerable...



Fortinet FortiOS / FortiProxy / FortiSwitchManager Authentication Bypass

This Metasploit module exploits an authentication bypass vulnerability in the Fortinet FortiOS, FortiProxy, and FortiSwitchManager API to gain access to a chosen account and then adds an SSH key to the...



GitLab GitHub Repo Import Deserialization Remote Code Execution

An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol...


Splunk edit_user Capability Privilege Escalation

Splunk suffers from an issue where a low-privileged user who holds a role that has the edit_user capability assigned to it can escalate their privileges to that of the admin user by providing a...




