Easy File Sharing Web Server 7.2 – Remote SEH Buffer Overflow (DEP Bypass with ROP)
>> ARCHIVE: 2015-11
Easy File Sharing Web Server 7.2 – Remote SEH Buffer Overflow (DEP Bypass with ROP)
MyCustomers version 1.3.873 suffers from a remote SQL injection vulnerability.
CIS Manager Content Management System 2015Q4 suffers from a remote SQL injection vulnerability.
Google’s translate functionality suffers from a cross site scripting vulnerability.
Visual Paradigm Server version 10.0 suffers from a cross site scripting vulnerability.
KNX management software ETS version 4.1.5 build 3246 suffers from a buffer overflow vulnerability that allows for remote code execution.
Neos CMS version 2.0.3 suffers from cross site scripting and remote shell upload vulnerabilities.
SAP Sybase Adaptive Server Enterprise suffers from an XXE injection vulnerability.
BisonWare BisonFTP Server version 3.5 is prone to an overflow condition. This Metasploit module exploits a buffer overflow vulnerability in said application.
An independent vulnerability laboratory researcher discovered a remote sql injection web vulnerability in the official CIS Manager Content Management System.