Kemp Load Balancer WAF 7.2.40 Bypass
Kemp load balancers with AFP WAF functionality versions 7.1.30 through 7.2.40 suffer from a POST bypass vulnerability.
MD5 | 65be9e2f8c7ec43b609c96eea736fc12
1. ADVISORY SUMMARY
Kemp Load...

WordPress Wunderbar Basic 1.1.3 Cross Site Scripting
WordPress Wunderbar Basic plugin version 1.1.3 suffers from a cross site scripting vulnerability.
MD5 | 9e4156177eeba9d422aa9f62c73e8062
Class: Input Validation Error
Remote: Yes
Credit: Ricardo...

Sync Breeze 10.2.12 Denial Of Service
Sync Breeze version 10.2.12 suffers from a denial of service vulnerability.
MD5 | eb3064d1984efdf9b9610176e6d7191e
MGC ALERT 2017-007
- Original...

Joomla! Component JEXTN Question And Answer 3.1.0 SQL Injection
Joomla! JEXTN Question and Answer component version 3.1.0 suffers from a remote SQL injection vulnerability.
MD5 | 5d9a350f41b12d85b1e0616b9a338e0d
# Exploit Title: Joomla! Component...

Joomla! Component JEXTN Video Gallery 3.0.5 SQL Injection
Joomla! JEXTN Video Gallery component version 3.0.5 suffers from a remote SQL injection vulnerability.
MD5 | b9e24f7c25d109c4e2090e8221cc0cd0
# Exploit Title: Joomla! Component JEXTN...

Readymade Video Sharing Script 3.2 HTML Injection
Readymade Video Sharing Script version 3.2 suffers from an HTML injection vulnerability.
MD5 | 9f828121974beff69a49a0bc657533bf
# Exploit Title: Readymade Video Sharing Script 3.2 - HTML...

Paid To Read Script 2.0.5 SQL Injection
Paid To Read Script version 2.0.5 suffers from a remote SQL injection vulnerability.
MD5 | 545bfdb1f82a68e71a7cad4dc9bd9a1f
# Exploit Title: Paid To Read Script 2.0.5 - SQL Injection
#...

Piwigo 2.9.1 SQL Injection
Piwigo version 2.9.1 suffers from a remote SQL injection vulnerability.
MD5 | 7dcb87848320df6b3827d114d752b690
# Exploit Title: Piwigo <= 2.9.1 - 'cat_true'/'cat_false' SQL...

Movie Guide 2.0 SQL Injection
Movie Guide version 2.0 suffers from a remote SQL injection vulnerability.
MD5 | fa1fcffffe6c7f17040a8f614cf5f4cc
# Exploit Title: Movie Guide 2.0 - SQL Injection
# Dork: N/A
# Date:...

FS Lynda Clone 1.0 SQL Injection
FS Lynda Clone version 1.0 suffers from a remote SQL injection vulnerability.
MD5 | 93b52c246755254ff7aa57b5c5d0ed1a
# Exploit Title: FS Lynda Clone 1.0 - SQL Injection
# Dork:...

Bus Booking Script 1.0 SQL Injection
Bus Booking Script version 1.0 suffers from a remote SQL injection vulnerability.
MD5 | 1a5d06ca50412d3ea1618cf7e571f4ad
# Exploit Title: Bus Booking Script 1.0 - SQL Injection
#...

Keeper Privileged UI Injection
Microsoft Windows 10 is forcibly installing the Keeper password manager, which injects privileged UIs into pages.
MD5 | cffd7bc598b1b7d4cd593b6b402424e4
Source: packetstormsecurity.com

Western Digital MyCloud multi_uploadify File Upload
This Metasploit module exploits a file upload vulnerability found in Western Digital's MyCloud NAS web administration HTTP service. The /web/jquery/uploader/multi_uploadify.php PHP script provides...

Monstra CMS 3.0.4 Remote Shell Upload
Monstra CMS version 3.0.4 suffers from a remote shell upload vulnerability that allows for remote code execution.
MD5 | 232ceeef3d1b599e0679a64c3c4ba7f7
Exploit Title: Monstra CMS - 3.0.4...

Zoom Linux Client 2.0.106600.0904 Buffer Overflow
The binary /opt/zoom/ZoomLauncher is vulnerable to a buffer overflow because it concatenates an overly long user input to a stack variable without checking if the destination buffer is long enough to...

Zoom Linux Client 2.0.106600.0904 Command Injection
The binary /opt/zoom/ZoomLauncher is vulnerable to command injection because it uses user input to construct a shell command without proper sanitization. The client registers a scheme handler...

WordPress Sagepay Server Gateway For WooCommerce 1.0.7 XSS
WordPress Sagepay Server Gateway For WooCommerce plugin version 1.0.7 suffers from a persistent cross site scripting vulnerability.
MD5 | fac5b4c598ce59a6693be082fb980570
Class: Input Validation...

WordPress Placemarks 2.0.0 Cross Site Scripting
WordPress Placemarks plugin version 2.0.0 suffers from a persistent cross site scripting vulnerability.
MD5 | dcddac88c93e5de84968e542060ade62
Class: Input Validation Error
Remote: Yes
Credit: Ricardo...

Outlook For Android Directory Traversal
There is a directory traversal issue in attachment downloads in Outlook for Android. There is no path sanitization on the attachment filename in the app. If the email account is a Hotmail account, this...

Telegram Messenger For Android Directory Traversal
There is a directory traversal issue in the Telegram client for Android. The method saveFile in MediaController.java saves a file to external memory based on an optional name that is not filtered. The...