AirControl 1.4.2 - PreAuth Remote Code Execution

Exploit Title: AirControl 1.4.2 - PreAuth Remote Code Execution Date: 2020-06-03 Exploit Author: 0xd0ff9 vs j3ssie Vendor Homepage: https://www.ui.com/ Software Link: https://www.ui.com/download/!utilities Version: AirControl = 1.4.2 Signature:...

WordPress Safe SVG plugin <=1.9.5 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability found by 0xd0ff9 in WordPress Safe SVG plugin versions =1.9.5. Solution Update the WordPress Safe SVG plugin to the latest available version at least 1.9.6...