Denver IP Camera SHO-110 suffers from an unauthenticated disclosure of a snapshot.
>> AUTHOR: deepcore
Longjing Technology BEMS API version 1.21 suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used…
Oracle Fatwire version 6.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
The msExchStorageGroup schema class added during Exchange installation can be used to create almost any AD object including users, groups or domain trusts leading to elevation of privilege.
The msExchStorageGroup schema class added during Exchange installation can be used to create almost any AD object including users, groups or domain trusts leading to elevation of privilege.
http://secondary33.go.th/vuln.gif notified by MiSh
TripSpark VEO Transportation suffers from a remote blind SQL injection vulnerability.
eGain Chat version 15.5.5 suffers from a cross site scripting vulnerability.
Denver Smart Wifi Camera SHC-150 has a hardcoded backdoor login vulnerability available via telnet that gives a shell.
Event Registration System with QR Code version 1.0 suffers from authentication bypass and shell upload vulnerabilities.