ManageEngine Network Configuration Manager 12.2 – ‘apiKey’ SQL Injection
>> AUTHOR: deepcore
ManageEngine Network Configuration Manager 12.2 – ‘apiKey’ SQL Injection
NEOWISE CARBONFTP 1.4 – Weak Password Encryption
Easy XML Editor 1.7.8 – XML External Entity Injection
Adive Framework 2.0.8 – Persistent Cross-Site Scripting
Sysax Multi Server 5.50 – Denial of Service (PoC)
Centreon 19.04 – Authenticated Remote Code Execution (Metasploit)
A flaw in the implementation of Microsoft’s Troubleshooter technology could lead to remote code execution if a crafted .diagcab file is opened by the victim. The exploit leverages a rogue…
APKF Product Key Finder version 2.5.8.0 suffers from a denial of service vulnerability.
Torrent FLV Converter version 1.51 Build 117 suffers from a stack overflow vulnerability.
WordPress InfiniteWP Client plugin version 1.9.4.5 suffers from an authentication bypass vulnerability.