Microsoft Windows MsMpEng suffers from a saved caller use-after-free vulnerability.
>> CATEGORY: exploit
Trend Micro Deep Security version 6.5 suffers from XML external entity injection, local privilege escalation, and remote code execution vulnerabilities.
IBM Informix Dynamic Server suffers from dll injection, PHP code injection, and heap buffer overflow vulnerabilities.
KEMP LoadMaster version 7.135.0.13245 suffers from persistent cross site scripting and remote code execution vulnerabilities.
This proof of concept code shows how manager functionality can be abused in ModX CMS to upload a shell.
WordPress Simple Slideshow Manager plugin versions 2.2 and below suffer from multiple cross site scripting vulnerabilities.
OV3 Online Administration version 3.0 suffers from a traversal vulnerability that allows for arbitrary file access.
OV3 Online Administration version 3.0 suffers from an authenticated remote code execution vulnerability.
OV3 Online Administration version 3.0 suffers from multiple unauthenticated remote SQL injection vulnerabilities.
Piwigo Facetag plugin version 0.0.3 suffers from a remote SQL injection vulnerability.