>> ARCHIVE: 2017-07

iSmartAlarm CubeOne suffers from a remote command execution vulnerability that allows disabling the alarm and setting it off.

This exploit module illustrates how a vulnerability could be exploited in an TCP server that has a parsing bug. This is an example Metasploit module to be used for exploit…

This template covers IE8/9/10, and uses the user-agent HTTP header to detect the browser version. Please note IE8 and newer may emulate an older IE version in compatibility mode, in…

PyCharm 2-0 / 2017 suffers from a command-line buffer overflow vulnerability.

Sitecore CMS version 8.2 suffers from cross site scripting and file disclosure vulnerabilities.

Dasan Networks GPON ONT WiFi Router H64X Series does not properly perform authentication and authorization, allowing it to be bypassed through cookie manipulation. Setting the Cookie ‘Grant’ with value 1…

Dasan Networks GPON ONT WiFi Router H64X Series suffers from a cross site request forgery vulnerability.

Vodafone Italia’s webmail system suffers from a cross site scripting vulnerability that can be leveraged via an incoming email.

Dasan Networks GPON ONT WiFi Router H64X Series suffers from a privilege escalation vulnerability.