Zeuscart version 4.0 suffers from a cross site scripting vulnerability in the search functionality.
>> AUTHOR: deepcore
Accentis Content Resource Management System versions released prior to the October 2015 patch suffer from a remote SQL injection vulnerability.
Accentis Content Resource Management System versions released prior to the October 2015 patch suffer from a cross site scripting vulnerability.
The NtCreateLowBoxToken API allows the capture of arbitrary handles which can lead to to local denial of service or elevation of privilege.
Milton Webdav version 2.7.0.1 suffers from an XXE injection vulnerability.
Python version 2.7 strop.replace() method suffers from an integer overflow that can be exploited to write outside the bounds of the string buffer and potentially achieve code execution. The issue…
Python 2.7 array.fromstring() method suffers from a use after free caused by unsafe realloc use. The issue is triggered when an array is concatenated to itself via fromstring() call.
Python version 2.7 hotshot module suffers from a heap buffer overflow due to a memcpy in the pack_string function at line 633.
If TCPing is called with an specially crafted CL argument it will cause an exception and overwrite the pointers to next SEH record and SEH handler with our buffer and…
actiTIME 2015.2 suffers from multiple security vulnerabilities including open redirection, HTTP response splitting, and unquoted service path elevation of privilege.