This documented vulnerability allows a remote attacker to execute malicious code or access to a part of the dynamically allocated memory using a user interaction visiting a Web page or open a specially crafted SWF file, an attacker is able to create an “out of bound” memory corruption. A file with an “ActionRecord” structure that […]
During a summary code review of Ansible, Computest found and exploited several issues that allow a compromised host to execute commands on the Ansible controller and thus gain access to the other hosts controlled by that controller. Versions 2.1.4 and 2.2.1 are affected.
This Metasploit module exploits a vulnerability found in Cisco Firepower Management Console. The management system contains a configuration flaw that allows the www user to execute the useradd binary, which can be abused to create backdoor accounts. Authentication is required to exploit this vulnerability.
http://www.norasingha.go.th notified by !~ Ar.H.Hacker ~!
Tags:
defacement
The vulnerability laboratory core research team discovered an application-side input validation vulnerability and mail…
DiskBoss Enterprise version 7.5.12 POST SEH buffer overflow exploit.
Make or Break version 1.7 suffers from a remote SQL injection vulnerability.
Starting Page version 1.3 suffers from a remote SQL injection vulnerability.
FMyLife Clone Script Pro Edition version 1.1 suffers from a cross site request forgery vulnerability.
WordPress WP Support Plus Responsive Ticket System plugin version 7.1.3 suffers from a privilege escalation vulnerability.