LogicalDOC Enterprise version 7.7.4 suffers from a post-authentication command execution vulnerability via binary path manipulation.
CloudMe Sync versions 1.10.9 and below suffer from an unauthenticated remote buffer overflow vulnerability.
CloudMe Sync < 1.11.0 – Buffer Overflow
TypeSetter CMS 5.1 – ‘Host’ Header Injection
TypeSetter CMS 5.1 – Cross-Site Request Forgery
News Website Script 2.0.4 – ‘search’ SQL Injection
http://www.omkoi.go.th/readme.htm notified by Dijehaji
SoapUI suffers from an arbitrary code execution vulnerability via a maliciously imported project.
This Metasploit module attempts to gain root privileges on Juju agent systems running the juju-run agent utility. Juju agent systems running agent tools prior to version 1.25.12, 2.0.x before 2.0.4,…
glibc – ‘$ORIGIN’ Expansion Privilege Escalation (Metasploit)