>> ARCHIVE: 2021-03

Trojan.Win32.Scar.dxir malware suffers from an insecure permissions vulnerability.

Realtek Wireless LAN Utility version 700.1631 suffers from an unquoted service path vulnerability.

eBeam Education Suite version 2.5.0.9 suffers from an unquoted service path vulnerability.

Interactive Suite version 3.6 suffers from an unquoted service path vulnerability.

VoIPmonitor WEB GUI versions 24.53, 24.54, and 24.55 suffer from multiple cross site scripting vulnerabilities.

All editions of Windows Server 2012 (but not 2012 R2) are vulnerable to DLL hijacking due to the way TiWorker.exe will try to call the non-existent SrClient.dll file when Windows…

SonLogger version 4.2.3.3 suffers from SuperAdmin account creation and information disclosure vulnerabilities.

This Metasploit module exploits an unauthenticated arbitrary file upload via an insecure POST request in SonLogger. It has been tested on version less than 6.4.1 in Windows 10 Enterprise.

Trojan.Win32.Siscos.bqe malware suffers from an insecure permissions vulnerability.

Online News Portal version 1.0 suffers from a remote SQL injection vulnerability.