EZ SQL Reports < 4.11.37 – Multiple Vulnerabilities
>> AUTHOR: deepcore
EZ SQL Reports < 4.11.37 – Multiple Vulnerabilities
ManageEngine EventLog Analyzer < 10.6 build 10060 – SQL Query Execution
IKEView.exe Fox beta 1 – Stack Buffer Overflow
The Vulnerability Laboratory Research Team member Ayoub Ait Elmokhtar discovered an Open Redirect Web Vulnerability in the official PayPal Inc Web Application.
Microsoft Internet Explorer 11 – Stack Underflow Crash PoC
The Vulnerability Laboratory Research Team discovered an application-side file input validation web vulnerability in the official Magento Commerce online service web-application.
SAP NetWeaver AS ABAP contains a hardcoded username that changes the system’s behavior if the user is authenticated successfully. The user may obtain additional information that should not be displayed.
An attacker can use hardcoded credentials to get unauthorized access and perform various actions in the NetWeaver AS ABAP. In addition, it is likely that the code will be implemented…
Synology Video Station version 1.5-0757 suffers from remote command injection and SQL injection vulnerabilities.