Openlitespeed WebServer 1.7.8 – Command Injection (Authenticated) (2)
>> ARCHIVE: 2021-02
Openlitespeed WebServer 1.7.8 – Command Injection (Authenticated) (2)
b2evolution 6.11.6 – ‘tab3’ Reflected XSS
b2evolution 6.11.6 – ‘redirect_to’ Open Redirect
PEEL Shopping 9.3.0 – ‘address’ Stored Cross-Site Scripting
WordPress Supsystic Contact Form plugin version 1.7.5 suffers from remote SQL injection and persistent cross site scripting vulnerabilities.
Email-Worm.Win32.Sircam.eb malware suffers from an insecure permissions vulnerability.
Trojan.Win32.Delf.uq malware suffers from an insecure permissions vulnerability.
Trojan-Spy.Win32.SpyEyes.awow malware suffers from an insecure permissions vulnerability.
WordPress Supsystic Backup plugin version 2.3.9 suffers from a local file inclusion vulnerability.
Trojan-Spy.Win32.WebCenter.a malware suffers from an information leakage vulnerability.