NiceHash Miner Excavator versions 1.6.7c and below suffer from a cross site request forgery vulnerability. The issue enables any external web site to send commands to the local miner instance,…
>> AUTHOR: deepcore
rxvt version 2.7.0 and rxvt-unicode version 9.22 incorrectly handles ANSI escape sequences allowing for arbitrary code execution.
The way Microsoft Windows implements file security appears to have some significant shortcomings.
rxvt version 2.7.0 and rxvt-unicode version 9.22 incorrectly handles ANSI escape sequences allowing for arbitrary code execution.
WordPress Plugin Stop Spammers 2021.8 – ‘log’ Reflected Cross-site Scripting (XSS)
Visual Studio Code 1.47.1 – Denial of Service (PoC)
WebSSH for iOS 14.16.10 – ‘mashREPL’ Denial of Service (PoC)
In4Suit ERP 3.2.74.1370 – ‘txtLoginId’ SQL injection
ManageEngine ADSelfService Plus 6.1 – CSV Injection
Customer Relationship Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version is attributed to Richard Jones in…