PayPal Beacon firmware fails to check signatures, has a static root password, and uses insecure transport over HTTP.
74769ae9b794d352a824424018db32f720241a068c8be6481346846e1022a73c
Drupal version 8.0.0 Beta 14 suffers from a cross-site scripting vulnerability. Drupal's sad fix was to simply throw an .htaccess file in place to block access to the file.
5bd347c6e00b7474b1898520fa6e4c484efeb9fdb98a576944cad1bd5ccda41a
This Metasploit module exploits a stack-based buffer overflow in Watermark Master 2.2.23 when processing a specially crafted .WCF file. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing a user of Watermark Master to open a malicious .WCF file.
2851660cb4d62d8f9a40addd3ae13ca6e19d4f8f869bc1c54774ff4435357d12
This Metasploit module exploits a file upload vulnerability in ManageEngine ServiceDesk Plus. The vulnerability exists in the FileUploader servlet which accepts unauthenticated file uploads. This Metasploit module has been tested successfully on versions v9 b9000 - b9102 in Windows and Linux. The MSP versions do not expose the vulnerable servlet.
420d521b451538bcdb3d95efb3417571e395f8709b295655dad279c97881d455
Kallithea suffers from an HTTP header injection (response splitting) vulnerability because it fails to properly sanitize user input before using it as an HTTP header value via the GET 'came_from' parameter in the login instance. This type of attack not only allows a malicious user to control the remaining headers and body of the response the application intends to send, but also allows them to create additional responses entirely under their control. Versions 0.2.9 and 0.2.2 are affected.
fe1b22a96957eec7a6d95ffebbcddb6a074d5a63287534cf402102b1561b064a
This proof of concept shows a crash that was observed in MS Office 2007 running under Windows 2003 x86. Microsoft Office File Validation Add-In is disabled and Application Verifier was enabled for testing and reproduction. This sample also reproduced in Office 2010 running on Windows 7 x86. It did not reproduce in Microsoft Office 2013 running under Windows 8.1 x86.
e861290e0691798f889619d754216a214754a16bdf818fc088da1d1365039880