MatrixSSL suffers from a stack buffer overflow vulnerability when verifying x.509 certificates.
>> AUTHOR: deepcore
The Nuuo Central Management Server allows an authenticated user to query the state of the alarms. This functionality can be abused to inject SQL into the query. As SQL Server…
Protecting Windows Privilege Accounts
WebKit JSC – reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter
Nuuo Central Management – Authenticated SQL Server SQL Injection (Metasploit)
Micro Focus Filr 3.4.0.217 – Path Traversal / Local Privilege Escalation
Quest NetVault Backup Server < 11.4.5 – Process Manager Service SQL Injection / Remote Code Execution
Teracue ENC-400 – Command Injection / Missing Authentication
HotelDruid version 2.3 suffers from a cross site scripting vulnerability.
The COMMITCONFIG verb is used by a CMS client to upload and modify the configuration of the CMS Server. The vulnerability is in the FileName parameter, which accepts directory traversal…