Sitecore CMS version 8.2 suffers from cross site scripting and file disclosure vulnerabilities.
>> CATEGORY: exploit
Dasan Networks GPON ONT WiFi Router H64X Series does not properly perform authentication and authorization, allowing it to be bypassed through cookie manipulation. Setting the Cookie ‘Grant’ with value 1…
Dasan Networks GPON ONT WiFi Router H64X Series suffers from a cross site request forgery vulnerability.
Vodafone Italia’s webmail system suffers from a cross site scripting vulnerability that can be leveraged via an incoming email.
Dasan Networks GPON ONT WiFi Router H64X Series suffers from a privilege escalation vulnerability.
Dasan Networks GPON ONT WiFi Router H64X Series suffers from a system configuration download vulnerability.
iSmartAlarm Backend suffers from a server-side request forgery vulnerability.
Microsoft Windows versions 7, 8.1, 2008 R2, 2012 R2, and 2016 R2 EternalBlue SMB remote code execution exploit that leverages the issue noted in MS17-0101.
NfSen version 1.3.7 and AlienVault OSSIM version 4.3.1 suffer from a customfmt command injection vulnerability.
RaidenHTTPD version 2.0.44 suffers from a cross site scripting vulnerability via the user-agent header.