Advanced Electron Forum 1.0.9 – RFI / CSRF Vulnerability
>> AUTHOR: deepcore
Advanced Electron Forum 1.0.9 – RFI / CSRF Vulnerability
Advanced Electron Forum 1.0.9 – Persistent XSS Vulnerabilities
WEG SuperDrive G2 12.0.0 – Insecure File Permissions
SevOne NMS versions 4.3.6.0 and below remote root exploit.
WhatsUp Gold version 16.3 suffers from an unauthenticated remote code execution vulnerability.
Bitrix mcart.xls module versions 6.5.2 and below suffer from a remote SQL injection vulnerability.
ManageEngine Application Manager version 12.5 remote command execution exploit.
ManageEngine Application Manager 12 suffers from cross site request forgery, privilege escalation, and cross site scripting vulnerabilities.
Telisca IPS Lock 2 suffers from an unauthenticated phone unlocking vulnerability. Metasploit module included.
Microsoft IExpress suffers from a DLL hijacking vulnerability.