The Windows registry editor allows specially crafted .reg filenames to spoof the default registry dialog warning box presented to an end user. This can potentially trick unsavvy users into choosing…
>> ARCHIVE: 2019-03
Core FTP version 2.0 build 653 suffers from a PBSZ command denial of service vulnerability.
PilusCart version 1.4.1 suffers from a cross site request forgery vulnerability.
This Metasploit module exploits a command injection vulnerability in elFinder versions prior to 2.1.48. The PHP connector component allows unauthenticated users to upload files and perform file modification operations, such…
WordPress Plugin GraceMedia Media Player 1.0 – Local File Inclusion
Core FTP Server FTP / SFTP Server v2 Build 674 – ‘MDTM’ Directory Traversal
Microsoft Windows – .reg File / Dialog Box Message Spoofing
Core FTP Server FTP / SFTP Server v2 Build 674 – ‘SIZE’ Directory Traversal
MeteoTemplate version 17.1 with Nectarine Diary plugin version 4.0 suffers from an open redirection vulnerability.