>> ARCHIVE: 2016-10

This Metasploit module hosts an HTML Application (HTA) that when opened will run a payload via Powershell. When a user navigates to the HTA file they will be prompted by…

Adobe Flash Player version 23.0.0.162 suffers from a .swf ConstantPool critical memory corruption vulnerability.

Categorizator version 0.3.1 suffers from a remote SQL injection vulnerability.

OpenCimetiere version 3.0.0-a5 suffers from a remote blind SQL injection vulnerability.

ApPHP MicroCMS version 3.9.5 suffers from a cross site request forgery vulnerability.

Minecraft version 1.6.61 has a launcher that suffers from insecure file permissions that can lead to a privilege escalation issue.

BirdBlog version 1.4.0 suffers from a cross site request forgery vulnerability.

ApPHP MicroCMS version 3.9.5 suffers from a persistent cross site scripting vulnerability.

ApPHP MicroBlog version 1.0.2 suffers from a cross site request forgery vulnerability.

phpEnter version 4.2.7 suffers from a cross site request forgery vulnerability.