>> ARCHIVE: 2016-06

MyLittleForum version 2.3.5 suffers from a PHP command execution vulnerability.

PInfo version 0.6.9-5.1 suffers from a buffer overflow vulnerability.

BigTree CMS version 4.2.11 and below suffer from a remote authenticated SQL injection vulnerability.

HNB version 1.9.18-10 suffers from a local buffer overflow vulnerability.

This Metasploit module generates a Open API Specification 2.0 (Swagger) compliant json document that includes payload insertion points in parameters. In order for the payload to be executed, an attacker…

Iranian Weblog Service CMS version 3.3 suffers from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.

A password reset session web vulnerability has been discovered in the official Ladesk online service web-application. The vulnerability allows remote attackers to reset a session credentials to unauthorized access user…

Mutualaid CMS version 4.3.1 suffers from a remote SQL injection vulnerability.

Alfine CMS version 2.6 suffers from a remote SQL injection vulnerability that allows for authentication bypass.