WordPress Tutor LMS plugin version 1.5.3 suffers from a cross site request forgery vulnerability.

Prestashop versions 1.7.6.4 and below suffer from code execution, cross site request forgery, and cross site scripting vulnerabilities.

WordPress Event-Registration plugin version 5.43 suffers from an arbitrary file upload vulnerability.

This Metasploit module leverages a trusted file overwrite with a dll hijacking vulnerability to gain SYSTEM-level access on vulnerable Windows 10 x64 targets.

This Metasploit module exploits a NULL pointer dereference vulnerability in MNGetpItemFromIndex(), which is reachable via a NtUserMNDragOver() system call. The NULL pointer dereference occurs because the xxxMNFindWindowFromPoint() function does not effectively check the validity of the tagPOPUPMENU objects it processes before passing them on to MNGetpItemFromIndex(), where the NULL pointer dereference will occur. This module has been tested against Windows 7 x86 SP0 and SP1. Offsets within the solution may need to be adjusted to work with other versions of Windows, such as Windows Server 2008.

Local root exploit for the FreeBSD mqueuefs vulnerability as disclosed in FreeBSD-SA-19:15.mqueuefs.

Local root exploit for the FreeBSD fd vulnerability as disclosed in FreeBSD-SA-19:02.fd.

Neowise CarbonFTP version 1.4 suffers from an insecure proprietary password encryption implementation. Second version of this exploit that is updated to work with Python 3.

FlashGet version 1.9.6 remote buffer overflow proof of concept exploit.

With Windows 2000 Microsoft introduced the inheritance of access rights and new Win32-API functions like SetNamedSecurityInfo() which handle the inheritance. SetNamedSecurityInfo() but has a serious bug: it applies inheritable ACEs from a PARENT object to a target object even if it must not do so, indicated by the flags SE_DACL_PROTECTED and/or SE_SACL_PROTECTED in the security descriptor of the target object.

CentOS Control Web Panel version 0.9.8.836 suffers from a privilege escalation vulnerability.

This Metasploit module attempts to gain root privileges by blindly injecting into the session user's running shell processes and executing commands by calling system(), in the hope that the process has valid cached sudo tokens with root privileges. The system must have gdb installed and permit ptrace. This module has been tested successfully on Debian 9.8 (x64) and CentOS 7.4.1708 (x64).

This Metasploit module attempts to gain root privileges with SUID Xorg X11 server versions 1.19.0 up to 1.20.3. A permission check flaw exists for -modulepath and -logfile options when starting Xorg. This allows unprivileged users that can start the server the ability to elevate privileges and run arbitrary code under root privileges. This module has been tested with CentOS 7 (1708). CentOS default install will require console auth for the users session. Xorg must have SUID permissions and may not start if running. On successful exploitation artifacts will be created consistent with starting Xorg.

WordPress WooCommerce CardGate Payment Gateway plugin version 3.1.15 suffers from a payment process bypass vulnerability.

HP ThinPro versions 7.1, 7.0, 6.2.1, and 6.2 suffer from an application filter bypass vulnerability.

This Metasploit module is an exploit that takes advantage of xglance-bin, part of HP's Glance (or Performance Monitoring) version 11 and subsequent, which was compiled with an insecure RPATH option. The RPATH includes a relative path to -L/lib64/ which can be controlled by a user. Creating libraries in this location will result in an escalation of privileges to root.

WordPress WooCommerce Advanced Order Export plugin version 3.1.3 suffers from a cross site scripting vulnerability.

WordPress Dosimple theme version 2.0 suffers from a cross site scripting vulnerability.

This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This module has been tested successfully on Fedora 13 (i686) kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic.