OXATIS 2017 suffers from a cross site scripting vulnerability.
>> ARCHIVE: 2017-04
OXATIS 2017 suffers from a cross site scripting vulnerability.
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the…
Dell Customer Connect (DCCService.exe) version 1.3.28.0 suffers from a local privilege escalation vulnerability.
http://www.wiangnuer.go.th/icon notified by NmR.Hacker
Western Digital My Cloud with firmware version 2.21.126 suffers from an authentication bypass vulnerability that allows escalation to administrative privileges.
SquirrelMail versions 1.4.22 and below suffer from a remote code execution vulnerability.
The gnome-keyring-daemon is vulnerable to local credential disclosure as it leaves credentials accessible in memory.
This Metasploit module exploits a command injection vulnerability in an undocumented CGI file in several versions of the WePresent WiPG-1000 devices. Version 2.0.0.7 was confirmed vulnerable, 2.2.3.0 patched this vulnerability.
This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Disk Sorter Enterprise version 9.5.12, caused by improper bounds checking of the request path in HTTP…
Due to lax filesystem permissions, an attacker can take control of a hardcoded sudo path in order to execute commands as a privileged user on Solarwinds Log and Event Manager…