A vulnerability exists within Microsoft’s SQL Server Reporting Services which can allow an attacker to craft an HTTP POST request with a serialized object to achieve remote code execution. The…
>> ARCHIVE: 2020-03
Centos WebPanel 7 – ‘term’ SQL Injection
AnyBurn 4.8 – Buffer Overflow (SEH)
Wing FTP Server version 2.3 suffers from a cross site request forgery vulnerability.
ASUS AXSP version 1.02.00 suffers from an asComSvc unquoted service path vulnerability.
WordPress Search Meter plugin version 2.13.2 suffers from a CSV injection vulnerability.
rConfig 3.93 – ‘ajaxAddTemplate.php’ Authenticated Remote Code Execution
WordPress Plugin Appointment Booking Calendar 1.3.34 – CSV Injection
Joomla! Component com_newsfeeds 1.0 – ‘feedid’ SQL Injection
WatchGuard Fireware AD Helper Component 5.8.5.10317 – Credential Disclosure