Multiple versions of Whole Vibratissimo Smart Sex Toy suffer from credential disclosure, exposed administrative interface, cleartext storage of passwords, unauthenticated bluetooth LE connection, and other vulnerabilities. These devices screw you…
>> ARCHIVE: 2018-02
Geovision Inc. devices GV-BX1500 version 3.10 2016-12-02 and GV-MFD1501 version 3.12 2017-06-19 suffer from remote command execution, stack overflow, double free, and other vulnerabilities.
Advance Loan Management System version 1.0 suffers from a remote SQL injection vulnerability.
JEXTN Classified component version 1.0.0 suffers from a remote SQL injection vulnerability.
Microsoft Windows Subsystem for Linux execve() local privilege escalation exploit.
Joomla! Jimtawl component version 2.2.5 suffers from a remote shell upload vulnerability.
Flexense SyncBreeze Enterprise versions 10.3.14 and below suffer from a buffer overflow vulnerability.
Real Estate Custom Script version 1.0 suffers from a remote SQL injection vulnerability.
Fancy Clone Script suffers from a search_browse_product remote SQL injection vulnerability.
Joomla! JE PayperVideo component version 3.0.0 suffers from a remote SQL injection vulnerability.