Max Secure Anti Virus Plus 19.0.4.020 – Insecure File Permissions
[dos] Nsauditor 3.1.8.0 – 'Key' Denial of Service (PoC)
Nsauditor 3.1.8.0 – ‘Key’ Denial of Service (PoC)
[webapps] Dokuwiki 2018-04-22b – Username Enumeration
Dokuwiki 2018-04-22b – Username Enumeration
[local] Visual Studio 2008 – XML External Entity Injection
Visual Studio 2008 – XML External Entity Injection
[webapps] SmartHouse Webapp 6.5.33 – Cross-Site Request Forgery
SmartHouse Webapp 6.5.33 – Cross-Site Request Forgery
[local] Anviz CrossChex 4.3.12 – Local Buffer Overflow
Anviz CrossChex 4.3.12 – Local Buffer Overflow
[dos] Nsauditor 3.1.8.0 – 'Name' Denial of Service (PoC)
Nsauditor 3.1.8.0 – ‘Name’ Denial of Service (PoC)
Allied Telesis AT-GS950/8 Directory Traversal
Allied Telesis AT-GS950/8 up until firmware AT-S107 version 1.1.3 [1.00.047] suffers from a directory traversal vulnerability.
Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection
NAPC Xinet (interface) Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginForm[username] field when double quotes are used.
Max Secure Anti Virus Plus 19.0.4.020 Insecure Permissions
Max Secure Anti Virus Plus version 19.0.4.020 suffers from an insecure permission vulnerability.