elearning-script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
>> AUTHOR: deepcore
RICOH SP 4510SF Printer suffers from an html injection vulnerability.
Wing FTP Server version 6.0.7 suffers from an unquoted service path vulnerability.
Heatmiser Netmonitor version 3.03 suffers from a hardcoded credential vulnerability.
WEMS Enterprise Manager version 2.58 suffers from a cross site scripting vulnerability.
WEMS BEMS version 21.3.1 has an undocumented backdoor account that is Base64 encoded. These sets of credentials are never exposed to the end-user and cannot be changed through any normal…
HomeAutomation version 3.3.2 suffers from persistent and reflective cross site scripting vulnerabilities.
MyDomoAtHome REST API is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain…
HomeAutomation version 3.3.2 authentication bypass exploit.
Local root exploit for the FreeBSD mqueuefs vulnerability as disclosed in FreeBSD-SA-19:15.mqueuefs.