Fujitsu Eternus Storage DX200 S4 fails to set cookies for authentication allowing for replay of URLs to achieve root level privileges.
>> AUTHOR: deepcore
ElkarBackup version 1.3.3 suffers from persistent cross site scripting vulnerabilities. This notes a variant attack vector for the original vulnerability discovered in this version in August of 2020 by Enes…
SAP Lumira version 1.31 suffers from a persistent cross site scripting vulnerability.
Laravel Administrator version 4 suffers from an unrestricted file upload vulnerability.
Moodle version 3.8 suffers from an arbitrary file upload vulnerability.
WordPress Age Gate plugin versions 2.13.4 and below suffer fro an open redirection vulnerability.
WordPress Wibar theme version 1.1.8 suffers from a persistent cross site scripting vulnerability.
WonderCMS version 3.1.3 suffers from a persistent cross site scripting vulnerability. Original finding for persistent cross site scripting in this version of WonderCMS is attributed to Hemant Patidar.
WordPress Accesspress Social Icons theme version 1.7.9 suffers from a remote SQL injection vulnerability.
ZTE Blade Vantage Z839 Emode.APK android.uid.system local privilege escalation exploit.