phpRPC < 0.7 – Remote Code Execution
[dos] – GpicView 0.2.5 – Crash PoC
[shellcode] – Linux/ARM – Connect back to {ip:port} with /bin/sh – 95 bytes
[webapps] – Infor CRM 8.2.0.1136 – Multiple HTML Script Injection Vulnerabilities
[remote] – Proxmox VE 3/4 Insecure Hostname Checking Remote Root Exploit
[webapps] – Zimbra 8.0.9 GA – CSRF Vulnerability
[webapps] – WordPress Ocim MP3 Plugin – SQL Injection Vulnerability
PayPal BB #116 – (Android) Unencrypted Information Issue
The Vulnerability Laboratory Core Research Team discovered an Unencrypted User's DM & User Information Vulnerability in the official PayPal Inc Mobile API for Android.
WordPress Calculated Fields Form 1.0.x Session Hijacking
WordPress Calculated Fields Form plugin versions 1.0.x and below suffer from HttpOnly bypass and session hijacking vulnerabilities.
OpenAM Open Redirect
Compass Security discovered a web application security flaw in the OpenAM application which allows an attacker to launch phishing attacks against users by redirecting them to a malicious website. An attacker is able to create a link that, when visited, will redirect the user to a website of the attacker’s choosing once the victim attempts […]