Schneider Electric Pelco VideoXpert is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of…
>> ARCHIVE: 2017-07
Pelco VideoXpert suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server.
Schneider Electric Pelco VideoXpert transmits sensitive data using double Base64 encoding for the Cookie ‘auth_token’ in a communication channel that can be sniffed by unauthorized actors or arbitrarily be read…
This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using one of five methods.
http://cbhospital.go.th/1998.gif notified by MuhmadEmad
Microsoft Office 365 Enterprise E3 suffers from an insufficient session expiration vulnerability.
Firefox version 54.0.1 suffers from a denial of service vulnerability.
Yaws version 1.91 suffers from an unauthenticated remote file disclosure vulnerability.
Lepide Auditor Suite suffers from a createdb() web console database injection remote code execution vulnerability.
LibTIFF suffers from a denial of service vulnerability in tif_dirwrite.c.