BytesFall Explorer suffers from an input sanitization vulnerability in login/doLogin.php which can lead to SQL injection. POC included that resets the admin password.
1b3384295cc40582dd6514cbe63d27f8bf11a96926f807aa15b400b9c9371222
RedTeam has identified a SQL injection that can be triggered due to a lack of user input sanitization in phpBannerExchange versions 2.0 RC5 and below. It is possible to recover a user's password and thereby take over that user's account.
6ba2021069dae4cc4deafb57eec1782f8dfa9bd1d74db02264d59185289236ed
RedTeam has identified two SQL injections in phpBannerExchange versions 2.0 RC5 and below. It is possible to bypass user authentication with them.
cc4e9cea63831b0dbd365791ac86fcd3dac5bdefc5633a4195dec899f8720d5f
RedTeam identified a security flaw in perlpodder versions 0.4 and below which makes it possible for a malicious podcast server to execute arbitrary shell commands on the victim's client.
d686ebd6d0f72001988dd595a3a938da6296bf4e8ed1a1d3da041456e3806d68
RedTeam identified a security flaw in prodder versions 0.4 and below which makes it possible for a malicious podcast server to execute arbitrary shell commands on the victim's client.
975e42263e294d6f883525759982d7537fbd5d89e46c8f947eabcdc5fe0eada4
PAJAX versions less than pajax-0.5.2 suffer from remote code injection and arbitrary file inclusion. POC included.
0a7cdff679ce3cf98d1a3f09f26716a9b0feae110597d211b27b6b74615af08e
The new iTAN security feature for online banking promoted by German banks does not protect against phishing attacks and trojans as claimed.
cb1adf92269713fa4bf2b3ab42a898b4be796883e01115470b2291968fd231e9