WordPress Plugin wpDiscuz 7.0.4 – Arbitrary File Upload Exploit
The WordPress plugin wpDiscuz version 7.0.4 suffers an arbitrary file upload vulnerability that does not require authentication.
The Latest Infosec News, Tools, and Exploits – Got Root?
The WordPress plugin wpDiscuz version 7.0.4 suffers an arbitrary file upload vulnerability that does not require authentication.
MyBB version 1.8.25 suffers from a chained remote command execution (RCE) flaw. Upgrade to version 1.8.26
Microsoft Windows Internet Explorer 11 32-bit adition suffers a Use-After-Free Exploit
The software Pixelimity version 1.0 suffers from a password CSRF (Cross Site Request Forgery) vulnerability.
The software Roundcube Webmail version 1.2 suffers from a File Disclosure vulnerability.
The WordPress CMS version 5.0.0 suffers from a Image Remote Code Execution vulnerability via access with at least an Author account.
SonicWall SSL-Virutal Private Network version 8.0.0.0 is vulnerable to “shellshock/visualdoor” RCE (Remote Code Execution) Unauthenticated.
The MyBB Forum plugin Timeline version 1.0 is vulnerable to XSS(Cross site Scripting) and CSRF(Cross Site Request Forgery) attacks.
Oracle Business Intelligence Enterprise Edition version 11.1.1.7.140715 is vulnerable to a stored cross site scripting exploit.