Synaccess netBooter NP-0801DU version 7.4 suffers from a cross site request forgery vulnerability.
c58aeb7ef6b68b80d63bcfe2db7d1b15Synaccess netBooter NP-02x and NP-08x version 6.8 suffer from an authentication bypass vulnerability due to a missing control check when calling the webNewAcct.cgi script while creating users. This allows an unauthenticated attacker to create an admin user account and bypass authentication giving her the power to turn off a power supply to a resource.
b35aa71589ba337fad0f50e2db1dd972Microsoft Edge suffers from a Chakra OP_Memset type confusion vulnerability.
7b04b630ed5e30e643f82ceeb6a803d3XMPlay version 3.8.3 suffers from a denial of service vulnerability.
9c717bb9f7999e7940fc1b2648402f53HTML Video Player version 1.2.5 suffers from a buffer overflow vulnerability.
ab18abd61ba3a76adf1d443b98ca02f5Intel Rapid Storage Technology User Interface and Driver version 15.9.0.1015 suffers from a dll hijacking vulnerability.
588da88e53e05773cd51de3eafe1fcb5Budabot versions 0.6 through 4.0 suffer from a denial of service vulnerability.
84ba35e2fe35edb9c0652c9736039b25Easy Outlook Express Recovery version 2.0 suffers from a denial of service vulnerability.
d2d30131fbbad9a751ea1250ea90b324Mumsoft Easy Software version 2.0 suffers from a denial of service vulnerability.
729855523fec92176326b56ceafac944DomainMOD versions 4.09.03 through 4.11.01 suffer from a cross site scripting vulnerability.
1f70ddfa1f1105f5475de8a37ba17c86Helpdezk version 1.1.1 suffers from a remote shell upload vulnerability.
cbacc0533908cb511a19e2bd2c3b95b4Warranty Tracking System version 11.06.3 suffers from a remote SQL injection vulnerability.
38b937df50beb67adf464aa65f5d5b5cThe Everus.org Android application version 1.0.9 has a fundamental design flaw where the client can send a random phone number during the second factor flow with an arbitrary existing user id and the server send the attacker the one time password for the other user.
81b34424d2fb4ef2f76dd3982050a8b1Linux has a broken uid/gid mapping for nested user namespaces with greater than 5 ranges.
5a4e9282df80bcac13075f0181391a8bPHP-Proxy version 5.1.0 suffers from a local file inclusion vulnerability.
96c23b5c4ac90b08c6b144a53cf3862dWordPress Ninja Forms version 3.3.17 suffers from a cross site scripting vulnerability.
a90814e7187521ea474ee2c55e40aca8WordPress Custom Frontend Login Registration Form plugin version 1.01 suffers from multiple cross site scripting vulnerabilities.
237d47a46ea03648e298b2b496c1d36cPHP Mass Mail version 1.0 suffers from a remote shell upload vulnerability.
0cb5d71edeb4a2b0e094423306caac002-Plan Team version 1.0.4 suffers from a remote shell upload vulnerability.
f032a820048d7947081bbeda6a354d98Simple E-Document version 1.31 suffers from a remote SQL injection vulnerability.
1ede165ba98398e93a63ea4b310b41dbKordil EDMS version 2.2.60rc3 suffers from a remote shell upload vulnerability.
f3deb8055528a28140da5feca3b41892Meneame English Pligg version 5.8 suffers from a remote SQL injection vulnerability.
5c7b5029323f7af90547ba9b891733dfEverSync version 0.5 suffers from an arbitrary file download vulnerability.
e81ef06ed6a2875941484f78b91802daGalaxy Forces MMORPG version 0.5.8 suffers from a remote SQL injection vulnerability.
14a0c7a02a34735d824a66d044a989a7Net-Billetterie version 2.9 suffers from a remote SQL injection vulnerability.
775c0f6b6c482e0277e3b482fdb3c25f
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed