Yasir Portal version 5.0 suffers from a database disclosure vulnerability.
>> ARCHIVE: 2016-10
Yasir Portal version 5.0 suffers from a database disclosure vulnerability.
XhP CMS version 0.5.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
NtLoadKeyEx takes a flag to open a registry hive read only, if one of the hive files cannot be opened for read access it will revert to write mode and…
The isolated private namespace created by ierutils has an insecure boundary descriptor which allows any non-appcontainer sandbox process (such as chrome) or other users on the same system to gain…
The isolated private namespace created by ierutils has a insecure DACL which allows any appcontainer process to gain elevated permissions on the namespace directory which could lead to elevation of…
SPIP versions 3.1.2 and below suffer from a cross site request forgery vulnerability.
SPIP versions 3.1.2 and below suffer from a cross site scripting vulnerability.
SPIP versions 3.1.2 and below suffer from file enumeration and path traversal vulnerabilities.
ManageEngine ServiceDesk Plus version 9.2 build 9207 suffers from an unauthorized information disclosure vulnerability.
WineBottler versions 1.8-rc4 and below suffer from a man-in-the-middle vulnerability that can allow for remote code execution.