Sahi Pro version 8.x suffers from a cross site scripting vulnerability.
>> ARCHIVE: 2019-06
Sahi Pro version 8.x suffers from a cross site scripting vulnerability.
BlogEngine.NET versions 3.3.7 and earlier are vulnerable to two separate directory traversal issues that can lead to remote code execution.
BlogEngine.NET 3.3.6/3.3.7 – ‘theme Cookie’ Directory Traversal / Remote Code Execution
BlogEngine.NET 3.3.6/3.3.7 – ‘dirPath’ Directory Traversal / Remote Code Execution
Clever Dog Smart Camera types DOG-2W and DOG-2W-V4 suffer from file disclosure, default telnet backdoor credential, and insecure transit vulnerabilities.
RedwoodHQ version 2.5.5 suffers from an authentication bypass vulnerability.
This script is a proof of concept to bypass the Microsoft Windows User Access Control (UAC) via SluiFileHandlerHijackLPE.
Spring Security OAuth versions 2.3 prior to 2.3.6 suffer from open redirection vulnerabilities.
When a Microsoft Word “.docx” File contains a hyperlink to another file, it will run the first file it finds in that directory with a valid extension. But will present…
The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS if attackers can reach the service on port 8794. In addition this can potentially be leveraged…