Joomla Huge IT Gallery component version 1.1.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
120e40124b2650bf6bce6e60a521c443d54b15ebf39bb3e4eefcfa1bddb21b44
The Joomla Weblinks component suffers from a remote shell upload vulnerability.
43c2692dbcc9023249dc7dcc905354ee474b5b51e10fc0837f5a1f16ea956d50
Autobahn|Python incorrectly checks the Origin header when the 'allowedOrigins' value is set. This can allow third parties to execute legitimate requests for WAMP WebSocket requests against an Autobahn|Python/Crossbar.io server within another browser's context. This is addressed in version 0.15.0.
a6b400b8f7febcf337e4f3b6452bfd2ec96d9d6edd9c6329679e50b857c3b896
NetBSD mail.local(8) local root exploit that leverages a race condition as noted in NetBSD-SA2016-006.
ee955b7a52b2b1e4a0cd6baef82904dc7cfb28e310abaf3166325756dc708c3f
This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware version 8.0.1.007 and below and Load Balancer Firmware versions 5.4.0.004 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.
1140a40daee90570960cfd7f3c6d5cd7ddfbca7468a85535b18619b259be1089
This Metasploit module exploits a remote command execution vulnerability in the Barracuda Spam and Virus firewall firmware versions 5.1.3.007 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.
808ddc4f2e9d4a40b867ca92e98217e9170d718d92040b6e9e8b3c8f3b5a6144
Rapid7 AppSpider version 6.12 web application vulnerability scanner suffers from an unquoted search path issue impacting the services 'AppSpider REST Server', 'AppSpider REST Service' and 'AppSpiderUpgradeService' for Windows deployed as part of AppSpider solution. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
55ddb2f9d5c796a92a54f5b0955345575e3f554eb0f7b54edbe97bbeacde61dd
TeamPass Passwords Management System versions 2.1.26 and below suffer from an unauthenticated arbitrary file download vulnerability.
a6f938983c6627ce76219ba9164c73d23d86783ad91a0f97d30fe23dfba8b5cb
TFTP server version 1.4 WRQ buffer overflow exploit with egghunter shellcode.
a30f7f90aaf3e52cc92f8023f2b71bdf8d949aab32bd3f9c15ff00525964c1e4
This Metasploit module exploits a Remote PHP Code Execution vulnerability in Drupal RESTWS Module. Unauthenticated users can execute arbitrary code under the context of the web server user. RESTWS alters the default page callbacks for entities to provide additional functionality. A vulnerability in this approach allows an unauthenticated attacker to send specially crafted requests resulting in arbitrary PHP execution. RESTWS 2.x prior to 2.6 and 1.x prior to 1.7 versions are affected by issue. This Metasploit module was tested against RESTWS 2.5 with Drupal 7.5 installation on Ubuntu server.
c6c0be3f72ff30a42cf8f8c8dcd4baa257f0bf6daac321668562e0a213562cb5
UPC Hungary devices have the same administrative password for all devices, send it insecurely over the wire, and also use telnetd by default.
9e0e33c17bc41fa8dc76d5a50ef735e96f09bdd73c9fadc26ee098ec11b32761
The Technicolor TC7200 suffers from session management issues and also uses a fixed password for backup file encryption. Proof of concept code included.
7a2e8ac2ef48f60614987fa552f45f98556917682e70c63df7742e5ad41f458a
WordPress WooCommerce plugin version 2.6.2 suffers from a cross site scripting vulnerability.
a5f0af318f11ee0e790f9fb5900db8a34e7b925b850843f7eeed1f9c5e73b2f8
WordPress Paid Memberships Pro plugin version 1.8.9.3 suffers from a cross site scripting vulnerability.
a5bb4dd7ef4da835e85ed1825882e67fe68468fd012001d45be5949f94701a2a
PHP versions 7.0.8, 5.6.23, and 5.5.37 suffers from an out-of-bounds write vulnerability in bzread().
7111a3aeb099e5121e1419ef1d6496905a8379d4ecf9926707c9684242505445
The Compal CH7465LG-LC suffers session management, denial of service, unauthenticated configuration changes, and command injection vulnerabilities. Proof of concept included.
5d06e5b58ccc73b68e5bffdbf0373df8bb1bc1f24567e7cae58f2a5c6f1b02e6
The default SSID and passphrase on the Cisco EPC3925 are derived from the MAC address and the DOCSIS serial number. Since the MAC address of the device is broadcasted via WiFi and the typical serial number is within the range 200.000.000 and 260.000.000, the default password can be brute-forced within minutes. Proof of concept included.
6072b1ec30864428a22619448d2693155647c1a284a3e7a6e034187b98d0048e
OpenSSHD versions 7.2p2 and below remote username enumeration exploit.
2f182c8354b3885f9f53dee4dfd49de6b64a388306dc36b6cf716adfc0ef8ac9
A total of 27 vulnerabilities have been patched by Oracle. These affect eBusiness Suite R12.x and 11.5, Apex, Primavera, OBIEE, and Agile DB components. These issues include SQL injection, cross site scripting, XXE injection, SSRF, failed access controls, and more.
1653be97a06d0c2cfb3b03919f6fc2b0e26ba7129144b78467d3acbf64b1587a
Wowza Streaming Engine suffers from multiple reflected cross site scripting vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Version 4.5.0 build 18676 is affected.
2523e79ab44f97c6ba12c7d6cca69bcb2705a67438d5e18cab9228b1987fd2b6
Wowza Streaming Engine version 4.5.0 build 18676 stores sensitive information in cleartext within a resource that might be accessible to another control sphere. When the file is modified it is automatically applied into the application with newly created user account. Wowza stores sensitive information such as username and password in cleartext in admin.password file, which is readable by local users.
6aeb40c49c98f54885a81500ea883a8c18636e37e6a4106edc674c11c35d726c
Wowza Streaming Engine version 4.5.0 build 18676 suffers from a cross site request forgery vulnerability.
62f01e79af598b0742b989b77d2439edfb0e0bc768e7e6c6f6a1d2e4736744c2
The Wowza Streaming Engine application suffers from a privilege escalation issue. Normal user (read-only) can elevate his/her privileges by sending a POST request setting the parameter 'accessLevel' to 'admin' gaining admin rights and/or setting the parameter 'advUser' to 'true' and '_advUser' to 'on' gaining advanced admin rights. Version 4.5.0 build 18676 is affected.
6dff3829d868f5291d523f9273d16a035430766d14c73adc9a0bea44fd2a9c99
Wowza Streaming Engine suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'F' flag (Full) for 'Everyone' group. In combination with insecure file permissions the application suffers from an unquoted search path issue impacting the services 'WowzaStreamingEngine450' and 'WowzaStreamingEngineManager450' for Windows deployed as part of Wowza Streaming software. Version 4.5.0 build 18676 is affected.
d540e3f2fcd68f2e6da510dff4fc2e5afbf1649659c608d2f1f24e39cb9e934c
WordPress Video Player plugin version 1.5.16 suffers from multiple remote SQL injection vulnerabilities.
e466846931ce435c89ed6a17e672eaf0b4818880fd543e1016bd3f3bc4de6f26