JetAudio jetCast Server 2.0 – ‘Log Directory’ Local SEH Alphanumeric Encoded Buffer Overflow
>> ARCHIVE: 2019-05
WeChat for Android 7.0.4 – ‘vcodec2_hls_filter’ Denial of Service
Selfie Studio version 2.17 Resize Image denial of service proof of concept exploit.
Telenor.com.pk appears to allow an attacker set an arbitrary phone number for receiving an SMS for the second factor of authentication.
Three different proof of concept exploits for TwistedBrush Pro Studio version 24.06 denial of service vulnerabilities.
PasteShr version 1.6 suffers from multiple remote SQL injection vulnerabilities.
This Metasploit module exploits a command execution vulnerability in PHP-Fusion versions 9.03.00 and below. It is possible to execute commands in the system with ordinary user authority.
Schneider Electric U.Motion Builder version 1.3.4 suffers from an unauthenticated command injection vulnerability in track_import_export.php.
Legrand BTicino Driver Manager F454 1.0.51 – Cross-Site Request Forgery / Cross-Site Scripting
CommSy 8.6.5 – SQL injection