The vulnerability laboratory core research team discovered a client-side cross site scripting vulnerability in the offic…
>> CATEGORY: exploit
The vulnerability laboratory core research team discovered multiple sql-injection web vulnerabilities in the Xavier PHP …
EnGenius EnShare suffers from an unauthenticated command injection vulnerability in which an attacker can inject and execute arbitrary code as the root user via the ‘path’ GET/POST parameter parsed by…
DNSTracer version 1.8.1 suffers from a buffer overflow vulnerability.
BIND version 9.10.5 for x86 and x64 on Windows suffers from an unquoted service path vulnerability that can allow for privilege escalation.
Peplink version 7.0.0-build1904 suffers from cross site request forgery, cross site scripting, file deletion, and remote SQL injection vulnerabilities.
reiserfstune version 3.6.25 suffers from a local buffer overflow vulnerability.
Samba versions 3.5.0 through 4.4.14, 4.5.10, and 4.6.4 is_known_pipename() remote code execution exploit.
WordPress Tribulant Newsletters plugin versions 4.6.4.2 and below suffer from cross site scripting and file disclosure vulnerabilities.
WordPress No External Links plugin versions 3.5.17 and below suffer from a cross site scripting vulnerability.