openMAINT 1.1-2.4.2 – Arbitrary File Upload
>> AUTHOR: deepcore
openMAINT 1.1-2.4.2 – Arbitrary File Upload
The Karel IP Phone IP1211 web management panel suffers from a directory traversal vulnerability.
EasyPMS version 1.0.0 suffers from an authentication bypass vulnerability.
BACNet Test Server version 1.01 suffers from a denial of service vulnerability when sending a malformed BVLC Length UDP packet to port 47808 which causes the application to crash.
Liman version 0.7 suffers from a cross site request forgery vulnerability.
A security vulnerability affecting GoAhead versions 2 to 5 has been identified when using Digest authentication over HTTP. The HTTP Digest Authentication in the GoAhead web server does not completely…
SEO Panel 4.6.0 – Remote Code Execution
D-Link DSR-250N 3.12 – Denial of Service (PoC)
Krpano Panorama Viewer versions 1.20.8 and below suffer from a cross site scripting vulnerability.
HashiCorp Vault’s AWS IAM authentication method can be bypassed by sending a serialized request to the STS AssumeRoleWithWebIdentity method as part of the authentication flow. The request triggers a JSON…