This Metasploit module allows you to inject unix command with the same user who runs the http service - admin - directly on the QNAP system. Affected products: All Turbo NAS models except TS-100, TS-101, TS-200
79dd95bcb902cad5bd13f3008b386fe5dca9f4ee0630d82cdc725d1c103118d0
Chamilo LCMS Connect version 4.1 suffers from a cross site request forgery vulnerability.
e6d33c2ac3475671dccc1719ebe3a8c61a272de4e15c67ec8ec0476599601b4f
WebGate eDVR Manager suffers from a WESPMonitor.WESPMonitorCtrl LoadImage stack buffer overflow vulnerability.
616a5b4ad035d49ae36c0d90123e500cd076899a0540363475f6e0e53d9eed49
Chamilo LCMS Connect version 4.0 is susceptible to clickjacking attacks.
d5fed4987c696e2ab701965b054ee445fdc40c2d6a00f1ec964331200e60c610
Acunetix versions 9.5 and below OLE automation array remote code execution exploit.
4791e4833193dd5d7c07ecafb6b3f2ab184baf7fa7d086b3a76a5c179b5f379e
When using the Developer Tools of MSIE 8, one might hover the mouse over a button in the "Script" tab, at which point a "tooltip" is shown. If one then clicks the button, a use-after-free occurs.
cec4afb711d5667871c3fd945bdf77db6ba3ca778cc12958105abb9afe2c84e3