Online Shopping Alphaware 1.0 – ‘id’ SQL Injection
>> AUTHOR: deepcore
Online Shopping Alphaware 1.0 – ‘id’ SQL Injection
Nagios Log Server 2.1.6 – Persistent Cross-Site Scripting
SymphonyCMS 3.0.0 – Persistent Cross-Site Scripting
Eibiz i-Media Server Digital Signage 3.8.0 – Privilege Escalation
Mida eFramework 2.9.0 – Remote Code Execution
ASX to MP3 converter 3.1.3.7.2010.11.05 – ‘.wax’ Local Buffer Overflow (DEP,ASLR Bypass) (PoC)
WordPress Plugin Autoptimize 2.7.6 – Arbitrary File Upload (Authenticated)
Ericom Access Server allows attackers to initiate SSRF requests making outbound connections to arbitrary hosts and TCP ports. Attackers, who can reach the AccessNow server can target internal systems that…
LimeSurvey version 4.3.10 suffers from a persistent cross site scripting vulnerability.
A Linux copy-on-write issue can wrongly grant write access.