WebLog Expert Web Server Enterprise version 9.4 has a weak permission vulnerability that allows for authentication bypass.
RedTeam Pentesting discovered an arbitrary redirect vulnerability in the redirect mechanism of the application lifecycle management platform Tuleap. Versions prior to 9.17.99.93 are affected.
Rapid Scada version 5.5.0 suffers from an insecure permission vulnerability.
Bravo Tejari Web Portal suffers from a cross site request forgery vulnerability.
Local SEH-based unicode buffer overflow exploit for Xion version 1.0.125 that uses a .m3u file.
This is a proof of concept exploit for the memcached denial of service vulnerability.
Dup Scout Enterprise version 10.5.12 suffers from a share username local buffer overflow vulnerability.
Magento Backups suffer from a cross site request forgery vulnerability. Versions affected include Magento Open Source prior to 1.9.3.8, Magento Commerce prior to 1.14.3.8, Magento 2.0 prior to 2.0.18, Magento…
Magento suffers from user information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.
Magento suffers from downloadable product information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.