Xoops 1.0.2 PD-Links 1.0 Database Disclosure
Xoops version 1.0.2 with PD-Links module version 1.0 suffers from a database disclosure vulnerability.
Kache Cross Protocol Request Forgery
Kache as of commit de2c39491625c3f087027be961a17191e85f6d30 suffers from a cross protocol request forgery vulnerability.
NOT Encoder / Decoder Shellcode
44 bytes small Linux/x86 execve() /bin/sh NOT encoder and decoder shellcode. This technique is useful for bypassing some AV systems.
Joomla ModPPCSimpleSpotLight 1.2 / 3.0 CSRF / Shell Upload
Joomla ModPPCSimpleSpotLight module versions 1.2 and 3.0 suffer from cross site request forgery and remote shell upload vulnerabilities.
1C-Bitrix Site Management Russia 2.0 Open Redirection
1C-Bitrix Site Management Russia version 2.0 suffers from an open redirection vulnerability.
WordPress WP-DreamworkGallery 2.3 CSRF / Shell Upload
WordPress WP-DreamworkGallery plugin version 2.3 suffers from cross site request forgery and remote shell upload vulnerabilities.
Linux/x64 Kill All Processes Shellcode
11 bytes small Linux/x64 kill all processes shellcode.
zzzphp CMS 1.6.1 Cross Site Request Forgery
zzzphp CMS version 1.6.1 suffers from a cross site request forgery vulnerability.
Microsoft Edge Chakra 1.11.4 Type Confusion
Microsoft Edge Chakra version 1.11.4 read permission via type confusion proof of concept exploit.
Mailtraq WebMail 2.17.7.3550 Cross Site Scripting
Mailtraq WebMail version 2.17.7.3550 suffers from a persistent cross site scripting vulnerability.
Ability Mail Server 4.2.6 Cross Site Scripting
Ability Mail Server version 4.2.6 suffers from a persistent cross site scripting vulnerability.
Slackware Security Advisory - infozip Updates
Slackware Security Advisory - New infozip packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
Bold CMS 3.6.4 Cross Site Scripting
Bold CMS version 3.6.4 suffers from a cross site scripting vulnerability.
Craft CMS 3.1.12 Pro Cross Site Scripting
Craft CMS version 3.1.12 Pro suffers from a cross site scripting vulnerability.
SAP J2EE Engine/7.01/Portal/EPP Protocol Cross Site Scripting
SAP J2EE Engine/7.01/Portal/EPP suffers from a cross site scripting vulnerability in /ctcprotocol/Protocol.
SAP J2EE Engine/7.01/Fiori test2 Cross Site Scripting
SAP J2EE Engine/7.01/Fiori suffers from a cross site scripting vulnerability in /TestJDBC_Web/test2.
SAP J2EE Engine/7.01/Fiori Protocol Cross Site Scripting
SAP J2EE Engine/7.01/Fiori suffers from a cross site scripting vulnerability in /ctcprotocol/Protocol.
Debian Security Advisory 4387-2
Debian Linux Security Advisory 4387-2 - It was found that a security update (DSA-4387-1) of OpenSSH, an implementation of the SSH protocol suite, was incomplete. This update did not completely fix...
Slackware Security Advisory - python Updates
Slackware Security Advisory - New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.