Metaphor – Stagefright Exploit with ASLR Bypass
>> ARCHIVE: 2016-03
Metaphor – Stagefright Exploit with ASLR Bypass
Apple Quicktime < 7.7.79.80.95 – FPX File Parsing Memory Corruption 1
LShell <= 0.9.15 – Remote Code Execution
SM Soft Tech CMS XHTML Mobile version 1.0 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
WAP Music CMS version 1.0.2 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
D-Link DVG-5402SP with firmware RU_1.01 suffers from brute force and cross site request forgery vulnerabilities.
C2Box versions 4.0.0(r19171) and below suffer from a validation bypass vulnerability.
There’s a logic error in the PCRE engine version used in Adobe Flash that allows the execution of arbitrary PCRE bytecode, with potential for memory corruption and remote code execution.
WordPress Claptastic Clap! Button plugin version 1.3 suffers from a cross site scripting vulnerability.
WordPress CloudFlare plugin version 1.3.20 suffers from a cross site scripting vulnerability.