CVE-2025-42950

SAP Landscape Transformation (SLT) is affected by a CVE-2025-42950 vulnerability in which an attacker with user privileges can exploit a flaw in a function module exposed via RFC to inject arbitrary ABAP code, bypassing authorization checks and potentially compromising confidentiality, integrity,...

Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection Exploit

Exploit for multiple platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule HttpClients::FF, :uaminver = "17.0", :uamaxver = "17.0.1", :javascript ...

Mozilla Firefox Flash Privileged Code Injection (CVE-2013-0757; CVE-2013-0758)

A Privileged Code Injection vulnerability has been reported in Mozilla Firefox. The vulnerability is due to a design flaw which allows to open a privileged chrome web page through plugin objects. Successful exploitation could allow an attacker to execute arbitrary code...

Firefox 17.0.1 Flash Privileged Code Injection

This exploit gains remote code execution on Firefox 17 and 17.0.1, provided the user has installed Flash. No memory corruption is used. First, a Flash object is cloned into the anonymous content of the SVG "use" element in the This module requires Metasploit: https://metasploit.com/download Curre...

WizzRSS Firefox Extension - Privileged Code Injection

, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. WizzRSS Firefox Extension Code Injection Vulnerability Versions affected: WizzRSS Reader 3.1.0.0 WizzRSS Reader Lite 3.0.0.9b +-----------+ |Description| +-----------+ The WizzRSS...