Gemalto Sentinel License Manager version 18.0.1 suffers from a directory traversal vulnerability.
>> ARCHIVE: 2016-06
The configuration page in version 7.1.9 and below of op5 allows the ability to test a system command, which can be abused to run arbitrary code as an unprivileged user.
phpATM 1.32 – Multiple Vulnerabilities
op5 v7.1.9 Configuration Command Execution
phpATM 1.32 – Remote Command Execution (Shell Upload) on Windows Servers
WordPress Gravity Forms Plugin 1.8.19 – Arbitrary File Upload
Vicidial 2.11 – Scripts Stored XSS
DDN controllers ship with a set of static entries within the authorized_keys file of several of the user accounts. The corresponding private keys can be obtained from publicly available sources.
FibeAir IP-10 devices do not properly ensure that a user has authenticated before granting them access to the web interface of the device. The attacker simply needs to add a…
jbFileManager suffers from a path traversal vulnerability.