Observium version 0.16.7533 suffers from code execution and cross site request forgery vulnerabilities.
Observium version 0.16.7533 suffers from a cross site request forgery vulnerability.
This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote code execution can be performed via the method: prefix…
GLPI version 0.90.2 suffers from a remote SQL injection vulnerability.
Mozilla continues to ship Firefox and Thunderbird for Windows with a vulnerable executable installer.
WordPress Truemag theme from 2016 Q2 suffers from a cross site scripting vulnerability.
An independent vulnerability laboratory researcher discovered a client-side cross site scripting vulnerability in the official WordPress Truemag Theme.
An integer wrap may occur in PHP 7.x before version 7.0.6 when reading zip files with the getFromIndex() and getFromName() methods of ZipArchive, resulting in a heap overflow. Full exploit…
A Microsoft Windows kernel crash exists in the win32k.sys driver while processing a corrupted TTF font file.
If an application sends a one-way binder transaction, the service tries to send a reply, which fails. This causes the service manager to exit its binder loop and the…