Apadana CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
122e5a72a6b60aa528956dc8cfaaad8b4971a382ce424a8ef9fd8aabae24348dWordPress Html5 Mp3 Player with Playlist plugin suffers from a path disclosure vulnerability.
a395f8e1632fe09c9796015a953289ca7779ef8883cfb4207f74d122ee0bf176The TRENDnet UltraCam ActiveX Control UltraCamX.ocx suffers from a stack buffer overflow vulnerability when parsing large amount of bytes to several functions in UltraCamLib, resulting in memory corruption overwriting several registers including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code. Versions TV-IP422WN and TV-IP422W are affected.
2d39a4ea21cf4afd0410a9a41c0e154ff98477ea7f9cd599dc79603605eed5e2Mozilla Firefox 3.6 is prone to a use-after-free vulnerability in OBJECT mChannel that allows an attacker to execute arbitrary code.
63492638eb8f2df03de0dbf8395d34343238283febf9e9f33e6d25a0779b6e12KMPlayer version 3.9.1.130 suffers from an integer division by zero denial of service vulnerability.
46e4225ba329eb3a05698c03f7d702576a31704dd6310911a1965c1518569b5dThis is a proof of concept that demonstrates how the Bash shellshock vulnerability can be used in PHP to bypass disable_functions, safe_mode, etc.
b9bd9444e5105c1afeb7ec6b5e23447262e07246b635b19251ef95b61a88d237WordPress wpDataTables plugin versions 1.5.3 and below suffer from a remote SQL injection vulnerability.
87a417e5238d97fe9035e045c94dfd0fcf4fb3ff779079cb6b1d8e8d37e03b1dWordPress wpDataTables versions 1.5.3 and below suffer from a remote shell upload vulnerability.
4c0eecc8ed8af779770866bde670598a67953b0d2cf85eb5d22da1857bc1698cThe TP-Link WR740N Wireless N Router network device is exposed to a denial of service vulnerability when processing a HTTP GET request. This issue occurs when the web server (httpd) fails to handle a HTTP GET request over a given default TCP port 80. Resending the value 'new' to the 'isNew' parameter in 'PingIframeRpm.htm' script to the router thru a proxy will crash its httpd service denying the legitimate users access to the admin control panel management interface. To bring back the http srv and the admin UI, a user must physically reboot the router.
2d5c67ad258cb6a1494990593e63c87d83f8cc8189f29863e2a405a87135f8ccRobotStats version 1.0 suffers from an html injection vulnerability.
7334dff97c02fb6a3cbce85a0c35231f6db8854176882e8b32bd7555de203734RobotStats version 1.0 suffers from a remote SQL injection vulnerability.
e4b88798aa77e59599613244d7d2d36b46a5acdcf0feb48cd953f4e277596bd4WordPress WP-DB-Backup plugin version 2.2.4 suffers from a backup stealing vulnerability.
3f691ce1016dc80d468a5d6b6fae84df98d2312687594d4614b84f2d81dce5ecFluxBB versions 1.5.6 and below suffer from a remote SQL injection vulnerability.
4b488418ebb74cff213944590b373890d3c07b58541f387aae4d4d478f269955Privacyware Privatefirewall version 7.0 suffers from an unquoted search path issue impacting the Core Service 'PFNet' service for Windows deployed as part of Privatefirewall bundle. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
72c60aa352044f0a19f6a1f7017aca854db891e8955383cd6a110d5872cf10ceThe Netgear Wireless Router WNR500 suffers from an authenticated file inclusion vulnerability (LFI) when input passed thru the 'getpage' parameter to 'webproc' script is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks.
6b1cac42339ed6d753c18f9439e8f09185a5a002e722156840b34f1b66a6a123Supr Shopsystem version 5.1.0 suffers from a persistent cross site scripting vulnerability.
d239919808c42bcfd73d9a1bdc41e0e79ba071ea4ba1128d751cd075c2db8070WordPress SP Client Document Manager plugin version 2.4.1 suffers from multiple remote SQL injection vulnerabilities.
b18e6e4b484a312dbda33b1e6f7d610706ece1a457666fdd2cd58a06ceab8864Booking.com suffers from an open redirection vulnerability.
f2358fbee6f5af6b154336cd6f1cd85ff2e91030dd22a7ffc1202c127a773e86Zenario CMS version 7.0.2d suffers from cross site scripting and open redirection vulnerabilities.
544d76bbfe2ee7fe1e09e322e7b0f4b627b274a70c83144675ce569ff75ff7a6Microsoft Internet Explorer OLE Pre-IE11 automation array remote code execution / powershell VirtualAlloc MS14-064 exploit.
d3053b664458c408fee9df099a23f568d9bd4a2935dc2bc5f92cc1ab8dda07aaThis Metasploit module exploits a buffer overflow in the RTSP request parsing code of Hikvision DVR appliances. The Hikvision DVR devices record video feeds of surveillance cameras and offer remote administration and playback of recorded footage. The vulnerability is present in several models / firmware versions but due to the available test device this module only supports the DS-7204 model.
6b2b9a85fb38d16071b6b342c045ffee4f7eec319cde44c45f5692a33a084002Core Security Technologies Advisory - Advantech EKI-6340 series is vulnerable to an OS command injection, which can be exploited by remote attackers to execute arbitrary code and commands, by using a non privileged user against a vulnerable CGI file.
a64726d244d547419fa3a47c114cb81761f6e477ec05f980a3199ab9e0a55acaWordPress CM Download Manager plugin versions 2.0.0 and below suffer from a code injection vulnerability.
85816724b146fa7f598695ab683a2371e3a701ba19011ec52740b1d217e59ab4PHP version 5.5.12 suffers from a memory corruption vulnerability that could potentially be exploited to achieve remote code execution. The vulnerability exists due to inconsistent behavior in the get_icu_value_internal function of ext\intl\locale\locale_methods.c. In most cases, get_icu_value_internal allocates memory that the caller is expected to free. However, if the first argument, loc_name, satisfies the conditions specified by the isIDPrefix macro (figure 1), and fromParseLocal is true, loc_name itself is returned. If a caller abides by contract and frees the return value of such a call, then the pointer passed via loc_name is freed again elsewhere, a double free occurs.
e1dcadb447af1ab80dabe070ca75aed52d71efed2b43a7c6a34d21061054de25Paid Memberships Pro version 1.7.14.2 suffers from a path traversal vulnerability.
4e6d1b287ebd0d181c3762de6568c6062d1da3e10e5905bef16c7bcb93e2e928
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed