2 matches found
GL-AR300M-Lite 2.27 - (Authenticated) Command Injection / Arbitrary File Download / Directory Traversal
Exploit Title: GL-AR300M-Lite Authenticated Command injection - Arbitrary file download - Directory Traversal Date: 15/1/2019 Exploit Author: Pasquale Turi aka boombyte Vendor Homepage: https://www.gl-inet.com/ Software Link: https://www.gl-inet.com/products/gl-ar300m/ Version: Firmware version...
WordPress Media File Manager plugin <= 1.4.2 - Directory Traversal vulnerability
Directory Traversal vulnerability found by boombyte in WordPress Media File Manager plugin versions = 1.4.2. Solution WordPress Media File Manager plugin was closed on 2018 November 8 and is no longer available for download. Please deactivate and uninstall plugin as soon as possible...