Month: April 2020

[webapps] LimeSurvey 4.1.11 – 'File Manager' Path Traversal

[webapps] Bolt CMS 3.7.0 – Authenticated Remote Code Execution

[webapps] WhatsApp Desktop 0.3.9308 – Persistent Cross-Site Scripting

[local] Triologic Media Player 8 – '.m3l' Buffer Overflow (Unicode) (SEH)

[webapps] Vesta Control Panel 0.9.8-26 – Authenticated Remote Code Execution (Metasploit)

[dos] UltraVNC Viewer 1.2.4.0 – 'VNCServer' Denial of Service (PoC)

[dos] ZOC Terminal v7.25.5 – 'Private key file' Denial of Service (PoC)

[webapps] LimeSurvey 4.1.11 – 'Survey Groups' Persistent Cross-Site Scripting

[dos] UltraVNC Launcher 1.2.4.0 – 'Password' Denial of Service (PoC)

[dos] Frigate 3.36 – Denial of Service (PoC)