The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with…
>> ARCHIVE: 2020-10
Typesetter CMS 5.1 – ‘Site Title’ Persistent Cross-Site Scripting
GetSimple CMS 3.3.16 – Persistent Cross-Site Scripting (Authenticated)
WebsiteBaker 2.12.2 – ‘display_name’ SQL Injection (authenticated)
MonoCMS Blog 1.0 – Arbitrary File Deletion (Authenticated)
SpinetiX Fusion Digital Signage 3.4.8 – Cross-Site Request Forgery (Add Admin)
SpinetiX Fusion Digital Signage 3.4.8 – Username Enumeration
BrightSign Digital Signage Diagnostic Web Server 8.2.26 – File Delete Path Traversal
SpinetiX Fusion Digital Signage 3.4.8 – Database Backup Disclosure
Sony IPELA Network Camera 1.82.01 – ‘ftpclient.cgi’ Remote Stack Buffer Overflow