Disk Pulse Enterprise 10.0.12 – GET Buffer Overflow (SEH)
>> ARCHIVE: 2017-09
Disk Pulse Enterprise 10.0.12 – GET Buffer Overflow (SEH)
Supervisor 3.0a1 – 3.3.2 – XML-RPC Authenticated Remote Code Execution (Metasploit)
http://mahasawat.go.th notified by Hentaic0de
WordPress Responsive Image Gallery plugin version 1.1.8 suffers from a remote SQL injection vulnerability.
phpMyFAQ version 2.9.8 suffers from a persistent cross-site scripting vulnerability.
Microsoft Edge Chakra incorrectly parses object patterns.
Microsoft Edge Chakra makes wrong scopes in deferred parsing.
Microsoft Edge Chakra Parser::ParseCatch fails to handle eval properly.
Microsoft Edge Chakra JavascriptFunction::ReparseAsmJsModule suffers from a parsing issue.
This Metasploit module exploits the command injection vulnerability of DenyAll Web Application Firewall. Unauthenticated users can execute a terminal command under the context of the web server user.