>> CATEGORY: exploit

There is a directory traversal issue in the Telegram client for Android. The method saveFile in MediaController.java saves a file to external memory based on an optional name that is…

ITGuard-Manager version 0.0.0.1 suffers from a pre-authentication remote command execution vulnerability.

Microsoft Windows 10 is forcibly installing the Keeper password manager which injects privileged UI’s into pages.

WordPress Pinterest Badge plugin version 1.8.0 suffers from a cross site scripting vulnerability.

Kemp load balancers with AFP WAF functionality versions 7.1.30 through 7.2.40 suffer from a POST bypass vulnerability.

WordPress Wunderbar Basic plugin version 1.1.3 suffers from a cross site scripting vulnerability.

Sync Breeze version 10.2.12 suffers from a denial of service vulnerability.

Joomla! JEXTN Question and Answer component version 3.1.0 suffers from a remote SQL injection vulnerability.

Joomla! JEXTN Video Gallery component version 3.0.5 suffers from a remote SQL injection vulnerability.

Readymade Video Sharing Script version 3.2 suffers from a html injection vulnerability.