>> ARCHIVE: 2020-11

Foxit Reader version 9.0.1.1049 suffers from an arbitrary code execution vulnerability. This is a variant exploit of the original finding from 2018.

Pure-FTPd version 1.0.48 suffers from a denial of service vulnerability.

Razer Chroma SDK Server version 3.16.02 suffers from a race condition vulnerability that allows for remote file execution.

BigBlueButton versions 2.2.29 and below suffer from an e-mail validation bypass vulnerability.

libupnp version 1.6.18 stack-based buffer overflow denial of service exploit.

Fujitsu Eternus Storage DX200 S4 fails to set cookies for authentication allowing for replay of URLs to achieve root level privileges.

ElkarBackup version 1.3.3 suffers from persistent cross site scripting vulnerabilities. This notes a variant attack vector for the original vulnerability discovered in this version in August of 2020 by Enes…

SAP Lumira version 1.31 suffers from a persistent cross site scripting vulnerability.

Laravel Administrator version 4 suffers from an unrestricted file upload vulnerability.

Moodle version 3.8 suffers from an arbitrary file upload vulnerability.