Trashbilling.com suffered from account enumeration, cross site scripting, denial of service, and remote SQL injection vulnerabilities. Trashflow 3.0 suffers from denial of service and hard-coded credential vulnerabilities.
>> CATEGORY: exploit
google-api-php-client versions 2.1.3 and below suffer from multiple cross site scripting vulnerabilities.
CMS Made Simple version 2.1.6 suffers from code execution and cross site scripting vulnerabilities.
miniupnpc suffers from an integer signedness error when parsing a chunked encoded http response.
Guidance Software EnCase Forensic Imager versions 7.10 and below suffer from a stack-based buffer overflow vulnerability.
This Metasploit modules exploits a buffer overflow in the Quest Privilege Manager, a software used to integrate Active Directory with Linux and Unix systems. The vulnerability exists in the pmmasterd…
Microsoft OneDrive iOS App version 8.13 suffers from insecure handling of URI schemes.
SMBv1 SrvOs2FeaToNt OOB is prone to a remote code execution vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. This exploit leverages this vulnerability as described in…
Dolibarr version 4.0.4 suffers from cross site scripting, weak hashing, weak password change, and remote SQL injection vulnerabilities.
ASUS routers suffer from cross site request forgery and information disclosure vulnerabilities. Versions affected include RT-AC55U, RT-AC56R, RT-AC56S, RT-AC56U, RT-AC66U, RT-AC88U, RT-AC66R, RT-AC66U, RT-AC66W, RT-AC68W, RT-AC68P, RT-AC68R, RT-AC68U, RT-AC87R, RT-AC87U,…