>> CATEGORY: exploit

OpenText Documentum D2 version 4.x contains vulnerable BeanShell (bsh) and Apache Commons libraries and accepts serialized data from untrusted sources, which leads to remote code execution.

Coppermine Gallery versions 1.5.44 and below suffer from a directory traversal vulnerability.

Joomla GeoContent component version 4.5 suffers from a cross site scripting vulnerability.

CentOS7 suffers from a kernel crashing denial of service issue triggered by an rsyslog daemon vulnerability.

Joomla Fastball component version 3.2.8 suffers from a remote SQL injection vulnerability.

Joomla GameServer! component version 3.4 suffers from a remote SQL injection vulnerability.

Joomla Music Collection component version 3.0.3 suffers from a remote SQL injection vulnerability.

WordPress Easy Table plugin version 1.6 suffers from persistent cross site scripting vulnerabilities.

ShadeYouVPN.com client for Windows version 2.0.1.11 suffers from a local privilege escalation vulnerability due to executing any file path sent through a socket without verification as the SYSTEM user.

Riverbed RiOS suffers from an insecure cryptographic storage vulnerability.