An independent vulnerability laboratory researcher discovered a remote sql-injection vulnerability in the official WordPress Multiple Meta Box v1.0 plugin.
http://nongfag.go.th/data2/07042016140240 notified by dfy
Tags: defacementAn independent vulnerability laboratory researcher discovered multiple sql-injection vulnerabilities in the AccelSite Content Manager v1.0 Content Management System.
Asbru Web Content Management System version 9.2.7 suffers from cross site request forgery, cross site scripting, open redirection, and directory traversal vulnerabilities.
op5 has a cross site request forgery entry point that can be used to execute arbitrary remote commands on op5 system sent via HTTP GET requests, allowing attackers to completely takeover the affected host. To be victimized a user must be authenticated and visit a malicious webpage or click an infected link. Version 7.1.9 is […]
Webligo SocialEngine version 4.8.9 suffers from a remote SQL injection vulnerability.
One change in Windows 8.1 from Windows 7 is the introduction of the console driver (condrv.sys) which is responsible for handling the management of consoles. It contains a method, CdpLaunchServerProcess which creates an instance of conhost.exe. This method calls ZwCreateUserProcess which means that the system call runs with kernel permissions, it also passes a flag […]