>> ARCHIVE: 2017-04

Social Directory Script version 2.0 suffers from a remote SQL injection vulnerability.

Multiple Adobe products suffer from an XML injection file content disclosure vulnerability.

Quest Privilege Manager version 6.0.0 suffers from an arbitrary file write vulnerability.

s9y Serendipity versions prior to 2.0.5 suffer from a cross site request forgery vulnerability.

MyBB versions prior to 1.8.11 suffers from a cross site scripting vulnerability.

MyBB versions prior to 1.8.11 suffer from a directory traversal vulnerability.

MATESO GmbH Password Safe and Repository Enterprise version 7.4.4 build 2247 suffers from a remote SQL injection vulnerability.

MATESO GmbH Password Safe and Repository Enterprise 7.4.4 build 2247 suffers from poor credential management using unsalted MD5 hashes.

Proxifier versions 2.18 and below ships with a KLoader binary which it installs suid root the first time Proxifier is run. This binary serves a single purpose which is to…

Brother MFC-J6520DW suffers from a password changing authentication bypass vulnerability.