>> ARCHIVE: 2019-06

Starry Router Camera suffers from vulnerabilities where the PIN can be brute-forced and the HTML5 CORS ORIGIN is set with a wildcard.

Veralite and Veraedge routers / smart home controllers suffer from command injection, cross site request forgery, cross site scripting, code execution, directory traversal, and various other vulnerabilities.

Shekar Endoscope has telnet enabled by default, default wifi credentials, a flaw where an attacker can change the wifi password without any additional authentication, and four memory corruption vulnerabilities.

UliCMS version2 019.1 suffers from a persistent cross site scripting vulnerability.

Ubuntu version 18.04 lxd privilege escalation exploit.

Wampserver versions 3.1.4 through 3.1.8 suffer from a cross site request forgery vulnerability.