The vulnerability laboratory core research team discovered an application-side input validation vulnerability in the VoipNow v4.0.1 web-application.
>> CATEGORY: exploit
This Metasploit module exploits HP Data Protector Omniinet process on Windows only. This exploit invokes the install service function which allows an attacker to create a custom payload in the…
Webutler CMS version 3.2 suffers from a cross site request forgery vulnerability.
WordPress iThemes Security suffers from insecure backup and logfile generation vulnerabilities.
phpMyFAQ versions 2.8.26 and 2.9.0-RC2 suffer from a cross site request forgery vulnerability.
PHPBack version 1.3.0 suffers from a remote SQL injection vulnerability.
ImpressCMS versions 1.3.9 and below suffer from a remote SQL injection vulnerability.
OpenTSDB suffers from a remote code execution vulnerability.
phpLiteadmin version 1.9.6 suffers from cross site request forgery and cross site scripting vulnerabilities.
Gemtek CPE7000 WLTCS-106 suffers from authentication bypass and remote code execution vulnerabilities.