>> CATEGORY: exploit

Bugcrowd’s web application suffered from a filter bypass and malicious script insertion vulnerability.

Dounia Creation version 1.4 suffers from remote SQL injection and weak default password vulnerabilities.

Real Estate Portal version 4.1 suffers from multiple persistent cross site scripting vulnerabilities.

Real Estate Portal version 4.1 suffers from a remote code execution vulnerability via a remote shell upload.

EduSec version 4.2.5 suffers from multiple remote SQL injection vulnerabilities.

HP Data Protector version A.09.00 suffers from an arbitrary command execution vulnerability.

Graphite2 suffers from multiple heap-based out-of-bounds reads in NameTable::getName.

Graphite2 suffers from a heap-based over-read in TtfUtil::CmapSubtable4NextCodepoint.

Graphite2 suffers from a heap-based over-read in TtfUtil::CheckCmapSubtable12.

Graphite2 suffers from multiple heap-based over-reads in GlyphCache::Loader.