Posts

Nostromo 1.9.6 Directory Traversal / Remote Command Execution

WordPress Google Review Slider 6.1 SQL Injection

WMV To AVI MPEG DVD WMV Converter 4.6.1217 Buffer Overflow

MikroTik RouterOS 6.45.6 DNS Cache Poisoning

iSeeQ Hybrid DVR WH-H4 1.03R / 2.0.0.P (get_jpeg) Stream Disclosure

JavaScriptCore GetterSetter Type Confusion

Linux/x86 (NOT|ROT+8 Encoded) execve(/bin/sh) Null Free Shellcode

Citrix StoreFront Server 7.15 XML Injection

WMV To AVI MPEG DVD WMV Converter 4.6.1217 Denial Of Service

Ajenti 2.1.31 Remote Code Execution

Craft CMS Rate Limiting / Brute Force

WordPress 5.2.4 Cross Origin Resource Sharing

Microsoft Windows Server 2012 Group Policy Security Feature Bypass

Microsoft Windows Server 2012 Group Policy Remote Code Execution

Intelligent Security System SecurOS Enterprise 10.2 Unquoted Service Path

rConfig 3.9.2 Remote Code Execution

Win10 MailCarrier 2.51 Buffer Overflow

Microsoft Windows Insecure CSharedStream Object Privilege Escalation

WebKit HTMLFrameElementBase::isURLAllowed Universal Cross Site Scripting

Infosysta Jira 1.6.13_J8 User Name Disclosure

Infosysta Jira 1.6.13_J8 Project List Authentication Bypass

Infosysta Jira 1.6.13_J8 Push Notification Authentication Bypass

ChaosPro 2.0 Buffer Overflow

waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 Cross Site Scripting

delpino73 Blue-Smiley-Organizer 1.32 SQL Injection

waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 SQL Injection

Intelbras Router WRN150 1.0.18 Cross Site Request Forgery

JumpStart 0.6.0.0 Unquoted Service Path

Part-DB 0.4 Authentication Bypass

CWP 0.9.8.885 Cross Site Scripting

AUO SunVeillance Monitoring System 1.1.9e SQL Injection

AUO SunVeillance Monitoring System 1.1.9e Incorrect Access Control

PHP-FPM Remote Code Execution

Rusty Joomla Unauthenticated Remote Code Execution

Solaris xscreensaver Privilege Escalation

Linux Polkit pkexec Helper PTRACE_TRACEME Local Root

WordPress Sliced Invoices 3.8.2 SQL Injection

WordPress Sliced Invoices 3.8.2 Cross Site Scripting

IObit Uninstaller 9.1.0.8 IObitUnSvr Unquoted Service Path

Rocket.Chat 2.1.0 Cross Site Scripting

Moxa EDR-810 Command Injection / Information Disclosure

Xorg X11 Server SUID modulepath Privilege Escalation

Linux/x86 execve(/bin/sh) Socket Reuse Shellcode

Total.js CMS 12 Widget JavaScript Code Injection

WinRAR 5.80 XML Injection

WinRAR 5.80 Memory Corruption

NASA NODIS Cross Site Scripting

Trend Micro Anti-Threat Toolkit (ATTK) 1.62.0.1218 Remote Code Execution

Sangoma SBC 2.3.23-119-GA Authentication Bypass

Sangoma SBC 2.3.23-119-GA Unauthenticated User Creation