>> CATEGORY: exploit

RedTeam Pentesting discovered that rogue updates trigger a remote code execution vulnerability in WebClientPrint Processor (WCPP). These updates may be distributed through specially crafted websites and are processed without any…

RedTeam Pentesting discovered that attackers can configure a proxy host and port to be used when fetching print jobs with WebClientPrint Processor (WCPP). This proxy setting may be distributed via…

Progress Sitefinity version 9.1 suffers from cross site scripting, broken session management, and open redirection vulnerabilities.

Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.

Automated Logic WebCTRL version 6.1 suffers from path traversal and arbitrary file write vulnerabilities.

Automated Logic WebCTRL version 6.5 suffers from an unrestricted file upload vulnerability that allows for remote code execution.

eCardMAX version 10.5 suffers from a remote SQL injection vulnerability.

LiveSupport version 1.0 suffers from a remote SQL injection vulnerability.

Matrimony Script version 2.7 suffers from a remote SQL injection vulnerability.

Joomla KissGallery component version 1.0.0 suffers from a remote SQL injection vulnerability.