Manage Engine EventLog Analyzer version 11.0 build 11000 suffers from multiple cross site scripting vulnerabilities.
825a03cbb015a5b79cbb7eb9f62d92d862768e7e84d9cbd4d1497eb92c26ea12
Easy Hosting Control Panel versions 0.29 through 0.37.9 suffer from information disclosure, authentication bypass, clear text password storage, and remote file upload vulnerabilities.
92d027b491a0587f69c8ac9a28d8b652868ac013c1ddd4a5765f2af4ee55d67e
PayPal suffered from a filter bypass vulnerability that allowed for malicious input into email.
fe4d650bbad9b984a3100d0893167bcbde00cf4efdd6e965562337ffd31c3f01
This Metasploit module exploits a directory traversal vulnerability in ATutor on an Apache/PHP setup with display_errors set to On, which can be used to allow us to upload a malicious ZIP file. On the web application, a blacklist verification is performed before extraction, however it is not sufficient to prevent exploitation. You are required to login to the target to reach the vulnerability, however this can be done as a student account and remote registration is enabled by default. Just in case remote registration isn't enabled, this module uses 2 vulnerabilities in order to bypass the authentication.
785e70dc713dbe9859a24caed94df37a4548874034fcd9af2cb5fcfe2e29d3b8
There is a remote debugger stub listening by default on a new install of TrendMicro Antivirus that can be exploited to launch executables.
191c3b9d20b797c02c3aeb399b9f99fed1f18221adf47c360e14714b35343f0c
Manage Engine Desktop Central version 9.1.0 build 91099 suffers from a cross site scripting vulnerability.
f8ccfebb4e934635d94e79bd0f76926af384cafb4f57181e94a1a6e511b9d44e
Fireware XTM Web UI versions prior to 11.10.7 suffer from an open redirection vulnerability.
9cf0d50a76454efe4c350846c2758f2facd9d84fa66efc3f5409c80f01a2a26b
Cogent Datahub versions 7.3.9 and below suffer from a gamma script elevation of privilege vulnerability.
2ae65153dc3e6b35a12d5c12ec5b362b36f6d464768f9bdd2c17bc2d18c1e488
TallSoft SNMP TFTP server version 1.0.0 suffers from a denial of service vulnerability.
f8935126d59fd833b21b23b2631bd40d708bec744aa6ed525ed4cb088eb59e3a
Trend Micro Deep Discovery versions 3.7 and 3.8 suffer from multiple cross site request forgery vectors. If an authenticated user visits a malicious webpage attackers will have ability to modify many settings of the Deep Discovery application to that of the attackers choosing.
4fcbc0ecd161f07f84b6f494716b66c2911b8b6d48a5b8ad3ba321fb4be6f363
WordPress Photocart Link plugin version 1.6 suffers from a local file inclusion vulnerability.
937709f095f23ded1eeaf31ad1fcacb2a5ca7bf97b91f27583ad59fa470cbd8f
WordPress IMDb Profile Widget plugin version 1.0.8 suffers from a local file inclusion vulnerability.
835851d014df83981e56e6c795a9db667207a83a17e80527deb4d2c78d0726b7
WordPress Visual Form Builder plugin version 2.8.6 suffers from a cross site scripting vulnerability.
d59e3708a15b9db6b5b606ae383991ce223d12827956904e28faeeec5f087565
WordPress Music Store plugin version 1.0.41 suffers from a cross site scripting vulnerability.
988d284d6c1d709b5bfdd283880cfa6381231da2fee67fe96e8305120928fdf6
WordPress CloudFlare plugin version 1.3.20 suffers from a cross site scripting vulnerability.
391af5fb920c77241b88831fa068d1fc2401dad6b87cddb277f854c56fc39923
WordPress Claptastic Clap! Button plugin version 1.3 suffers from a cross site scripting vulnerability.
ce6b8f7bed87ddff3fd682d9b53ada66633787541bcc3983e301782d06ce59c9
There's a logic error in the PCRE engine version used in Adobe Flash that allows the execution of arbitrary PCRE bytecode, with potential for memory corruption and remote code execution.
7634c378b901e854196bb2c6638f9cdaaeebb56a0a8e8bedc196af24d7ed49f8
C2Box versions 4.0.0(r19171) and below suffer from a validation bypass vulnerability.
bc375d41b3055dd7d57b4dcb888c8376a80e14b7eb5b23111b255db7bf853cad
D-Link DVG-5402SP with firmware RU_1.01 suffers from brute force and cross site request forgery vulnerabilities.
c8410e7fa996a726bd780808ee545d5c8187522011902a3d7b92ba00281dcef9
WAP Music CMS version 1.0.2 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
440c37697ab8edd8dbd6a0b562451a6b35fdf19e78f73c8da8cdb1fb86dfe490
SM Soft Tech CMS XHTML Mobile version 1.0 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
3f52ab5972f21a1805820c848ac3fb090e009c3ec26573e6539cedbeda2dbd25
The mip user is already quite privileged, capable of accessing sensitive network data. However, as the child process has supplementary gid contents, there is a very simple privilege escalation to root.
5b5d78147822a04ece55e3ad4dc78e4634f5ee4ab840d7ead31f0b0e6099d778
The wireless driver for the Android One (sprout) devices has a bad copy_from_user in the handling for the wireless driver socket private read ioctl IOCTL_GET_STRUCT with subcommand PRIV_CMD_SW_CTRL. This ioctl is permitted for access from the untrusted-app selinux domain, so this is an app-to-kernel privilege escalation from any app with android.permission.INTERNET.
f09afcb089991f9bdfe7878694f1b4aa53a78b0716b0db1d420fbf8364088819
The innovaphone IP222 provides a password protected administration interface, which can be accessed via a web browser. Although the basic authentication was disabled and instead the digest authentication is used, it is still possible to perform brute-force attacks against the password authentication process.
5a2d36d564fe004b8101678bcdc007666e0547fe8e23b7a50847efbc69680872
At startup the innovaphone IP222 sends an HTTP request for a special PNG file to the involved server system. After the download has finished, the image is displayed on the phone by selecting the receiver screen in the menu. Providing a large image file (6.9 MB) within the download process and selecting the receiver screen on the phone will lead to a crash of the application and cause a denial of service condition. Remote code execution via this security vulnerability may also be possible, but was not confirmed by the SySS GmbH.
082b8f3575ba36bdc1044ed8d817104a1afb0c9d70e9163c8f9dfb60e5762b1a