TestLink version 1.9.14 suffers from a cross site request forgery vulnerability.
>> ARCHIVE: 2015-11
This Metasploit module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows you to upload arbitrary php files and get remote code execution. This…
eBay Magento CE <= 1.9.2.1 – Unrestricted Cron Script (Potential Code Execution / DoS)
Google AdWords API PHP client library <= 6.2.0 – Arbitrary PHP Code Execution
Huawei HG630a and HG630a-50 – Default SSH Admin Password on ADSL Modems
Google AdWords <= 6.2.0 API client libraries – XML eXternal Entity Injection (XXE)
Jenkins 1.633 – Unauthenticated Credential Recovery
YESWIKI 0.2 – Path Traversal Vulnerability
PHPMyLicense 3.0.0 – 3.1.4 – DoS
FreeType 2.6.1 TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read