EdgeCore ES3526XA Manager suffers from weak credential, access bypass, and cross site request forgery vulnerabilities.
4c554624c94b5f4cf21ee4495b9c4e0f66a5180eb79df24623c95cf9103237bcWordPress Ultimate Product Catalog plugin version 3.8.6 suffers from a remote shell upload vulnerability.
d5d2b6345ca7d0fde8061b241864354a010b8de0d20146ab1dc71c6e78336944vPet Engine version 2.1 suffers from remote SQL injection and default backdoor admin account vulnerabilities.
08d39470cbc25319403472e611c9ec681e4e89fbc69cceceafd8d9dd7b97dbc9Sierra Wireless AirLink Raven XE Industrial 3G Gateway suffers from cross site request forgery, information disclosure, and remote file upload vulnerabilities.
cf133ee4a7539de41de8f9b10bd820c5bdadc47e30cbefba82a1519fcb4b5918PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
8df070696b0cc54f7458ad845c421d4417dcb7ab69a5053d5e403580619a5510A default installation of Windows 7/8 can be made to perform a NTLM reflection attack through WebDAV which allows a local user to elevate privileges to local system.
38a08b6ee37889a0cd9d35ed8ee32279823b97688768df81253865add1d05bf8Red Hat Security Advisory 2016-1292-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application.
f71832d18eb162dc5fa8c15b9bf6f44e5899fa4cbb3450d0443c272d19d2db1fRed Hat Security Advisory 2016-1293-01 - The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution. The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials.
f1fefa3c6150138e6c35d3a12c0085abef4c3c956a18293274ec8285c20af129FinderView suffers from path traversal and cross site scripting vulnerabilities.
6f0343e72d022fbf8ca84c53fac312b430c2903c7ac17c64256d39c5523fe9abXuezhuLi FileSharing suffers from a cross site request forgery vulnerability.
f60fc03551aa9903def6dd34f7141d7b2309b7088993125112f90e91777bb33fXuezhuLi FileSharing suffers from a path traversal vulnerability.
a4e2043fbe4468389cbc326931a2c4f78de8ef1102c6a13daece3a4b7aa8b215Getsimple CMS versions 3.3.10 and below suffer from a remote shell upload vulnerability.
e533c4e4ee4a7310978c28f7f540538a929f153e141561dd80c4d128d1c5fa32Dolibarr CRM versions prior to 3.9.1 suffer from a command injection vulnerability.
72598740c36ce33bbbb05e4e0c1eab2ccda56772b3cadd684a9b6e1a93d60723Quick.Cart.Ext versions 6.7 and below remote admin add cross site request forgery exploit.
cdc2fb719137f7fda0879b5a08fdda22d982ee74b7962be63484b876663356d3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed