Posts

[dos] IrfanView 4.44 - Denial of Service

[webapps] Emby MediaServer 3.2.5 - Password Reset

[webapps] Emby MediaServer 3.2.5 - Directory Traversal

[webapps] Emby MediaServer 3.2.5 - SQL Injection

[dos] Panda Free Antivirus - 'PSKMAD.sys' Denial of Service

Avast! Antivirus CVE-2017-8307 Arbitrary File Deletion Vulnerability

symetrie CVE-2017-7386 Cross Site Scripting Vulnerability

eXtplorer CVE-2016-4313 Local Directory Traversal Vulnerability

Alerton Webtalk 2.5 / 3.3 Hash Disclosure / CSRF / Command Injection

Live Helper Chat 2.58v Cross Site Scripting

Jenkins CVE-2017-1000356 Multiple Cross Site Request Forgery Vulnerabilities

Mediawiki 'Special:MyPage/common.css' Cross-Site Scripting Vulnerability

TOR Virtual Network Tunneling Tool 0.3.0.6

Simple File Uploader Arbitrary File Download

Easy File Uploader Remote Shell Upload

TYPO3 News Module SQL Injection

[remote] Mercurial - Custom hg-ssh Wrapper Remote Code Exec (Metasploit)

[webapps] Simple File Uploader - Arbitrary File Download

[webapps] Easy File Uploader - Arbitrary File Upload

[webapps] TYPO3 News Module - SQL Injection

Mediawiki 'Parser::replaceInternalLinks2()' Method Cross-Site Scripting Vulnerability

Fortinet FortiOS CVE-2017-3127 Cross Site Scripting Vulnerability

Mercurial Custom hg-ssh Wrapper Remote Code Execution

Confluence 6.0.x Information Disclosure

LightDM (Ubuntu 16.04/16.10) Privilege Escalation

Revive Ad Server 4.0.1 Cross Site Request Forgery / Cross Site Scripting

WordPress KittyCatfish 2.2 SQL Injection

WordPress Car Rental System 2.5 SQL Injection

WordPress Wow Viral Signups 2.1 SQL Injection

Joomla jDBexport 3.2.10 Cross Site Scripting / Path Disclosure

WordPress Wow Forms 2.1 SQL Injection

Microsoft Windows 2003 SP2 ERRATICGOPHER SMB Remote Code Execution

Portrait Display SDK Service Privilege Escalation

Joomla MyPortfolio 3.0.2 SQL Injection

Private Tunnel Client 2.8 Buffer Overflow

[webapps] Revive Ad Server 4.0.1 - Cross-Site Scripting / Cross-Site Request Forgery

IBM WebSphere Commerce CVE-2017-1170 Local Session Hijacking Vulnerability

Flyspray 1.0-rc4 Cross Site Scripting

HP OpenCall Media Platform Multiple Cross Site Scripting and Remote File Include Vulnerabilities

Linux Kernel CVE-2017-7477 Heap Buffer Overflow Vulnerability

Cross-Site Scripting / Cross-Site Request Forgery

SQL Injection

'IESFOOTPRINT' SQL Injection

Guest Account Local Privilege Escalation

SQL Injection