WebClientPrint Processor 2.0.15.109 Updates Remote Code Execution
RedTeam Pentesting discovered that rogue updates trigger a remote code execution vulnerability in WebClientPrint Processor (WCPP). These updates may be distributed through specially crafted websites...
WebClientPrint Processor 2.0.15.109 Unauthorized Proxy Modification
RedTeam Pentesting discovered that attackers can configure a proxy host and port to be used when fetching print jobs with WebClientPrint Processor (WCPP). This proxy setting may be distributed via...
Progress Sitefinity 9.1 XSS / Session Management / Open Redirect
Progress Sitefinity version 9.1 suffers from cross site scripting, broken session management, and open redirection vulnerabilities. MD5: 4afe3027dc44e61418fd14ecec494013. SEC Consult...
Automated Logic WebCTRL 6.5 Insecure File Permissions Privilege Escalation
Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability. MD5: bfe85c9a0561b977ce1f85fffe2a9011. Automated Logic WebCTRL 6.5 Insecure File...
Automated Logic WebCTRL 6.1 Path Traversal Arbitrary File Write
Automated Logic WebCTRL version 6.1 suffers from path traversal and arbitrary file write vulnerabilities. MD5: ba74d7e72b8d250b3eb5121245e82a5f. Automated Logic WebCTRL 6.1 Path Traversal...
Automated Logic WebCTRL 6.5 Unrestricted File Upload Remote Code Execution
Automated Logic WebCTRL version 6.5 suffers from an unrestricted file upload vulnerability that allows for remote code execution. MD5: dfbd662ecb79e969664c3cfd3b845d91. #!/usr/bin/env python # -*-...
Automated Logic WebCTRL 6.1 - Path Traversal / Arbitrary File Write
EDB-ID: 42543; Author: LiquidWorm; Published: 2017-08-22; CVE: CVE-2017-9640; Type: Webapps; Platform: Java; Vulnerable App: N/A; Vendor: Automated Logic Corporation; Product web page: http://www.automatedlogic.com...
Automated Logic WebCTRL 6.5 - Local Privilege Escalation
EDB-ID: 42542; Author: LiquidWorm; Published: 2017-08-22; CVE: CVE-2017-9644; Type: Local; Platform: Windows; Vulnerable App: N/A; Vendor: Automated Logic Corporation; Product web page:...
Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution
EDB-ID: 42544; Author: LiquidWorm; Published: 2017-08-22; CVE: CVE-2017-9650; Type: Webapps; Platform: Java; Vulnerable App: N/A # -*- coding: utf8 -*- # # # Automated Logic WebCTRL 6.5 Unrestricted File Upload...
TeX Live CVE-2016-10243 Remote Code Execution Vulnerability
TeX Live is prone to a remote code-execution vulnerability. Successfully exploiting this issue may allow remote attackers to execute arbitrary code. Failed attempts will likely result in...
libgig 4.0.0 - LinuxSampler Multiple Vulnerabilities
EDB-ID: 42546; Author: qflb.wu; Published: 2017-08-23; CVE: CVE-2017-12950...; Type: Dos; Platform: Linux; Aliases: N/A; Advisory/Source: N/A; Tags: Denial of Service (DoS); Vulnerable App: N/A; Author : qflb.wu...
FortiManager Multiple Security Vulnerabilities
FortiManager is prone to the following security vulnerabilities: 1. A remote privilege-escalation vulnerability 2. An HTML-injection vulnerability 3. An SQL-injection vulnerability 4. A local...
IBM Rhapsody DM CVE-2016-8975 Cross Site Scripting Vulnerability
IBM Rhapsody DM is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...
MP3 WAV to CD Burner 1.4.24 - Buffer Overflow (SEH)
EDB-ID: 42551; Author: Anurag Srivastava; Published: 2017-08-24; CVE: N/A; Type: Local; Platform: Windows; Vulnerable App: # Exploit...
My Video Converter 1.5.24 - Buffer Overflow (SEH)
EDB-ID: 42550; Author: Anurag Srivastava; Published: 2017-08-24; CVE: N/A; Type: Local; Platform: Windows; Vulnerable App: # Exploit...
Joomla! Component Bargain Product VM3 1.0 - 'product_id' Parameter SQL...
EDB-ID: 42552; Author: Ihsan Sencan; Published: 2017-08-24; CVE: N/A; Type: Webapps; Platform: PHP; Vulnerable App: N/A # Exploit Title: Joomla! Component Bargain Product VM3 1.0 - SQL Injection # Dork: N/A #...
Joomla! Component MasterForms 1.0.3 - SQL Injection
EDB-ID: 42554; Author: Ihsan Sencan; Published: 2017-08-24; CVE: N/A; Type: Webapps; Platform: PHP; Vulnerable App: # Exploit Title: Joomla! Component MasterForms 1.0.3 - SQL Injection # Dork: N/A # Date:...
Easy AVI DivX Converter 1.2.24 - Buffer Overflow (SEH)
EDB-ID: 42549; Author: Anurag Srivastava; Published: 2017-08-24; CVE: N/A; Type: Local; Platform: Windows; Vulnerable App: # Exploit...
Joomla! Component Price Alert 3.0.2 - 'product_id' Parameter SQL Injection
EDB-ID: 42553; Author: Ihsan Sencan; Published: 2017-08-24; CVE: N/A; Type: Webapps; Platform: PHP; Vulnerable App: N/A # Exploit Title: Joomla! Component Price Alert 3.0.2 - SQL Injection # Dork: N/A # Date:...
Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - Buffer Overflow (SEH)
EDB-ID: 42548; Author: Anurag Srivastava; Published: 2017-08-24; CVE: N/A; Type: Local; Platform: Windows; Vulnerable App: # Exploit...