Brickcom Network Cameras suffer from insecure direct object reference, hard-coded credentials, information disclosure, cross site request forgery, and cross site scripting vulnerabilities.
Django CMS version 3.2.3 suffers from filter bypass and malicious script insertion vulnerabilities.
PHPmongoDB version 1.0.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
The Adobe Type Manager Font Driver (ATMFD.DLL) suffers from a NamedEscape out-of-bounds read.
ChitaSoft CMS version 3 suffers from a cross site scripting vulnerability.
OpenWGA Content Manager version 7.1.9 suffers from a cross site scripting vulnerability when input passed via the User-Agent HTTP header is not properly sanitized before being returned to the user…
OpenWGA Developer Studio version 3.1.0 suffers from an arbitrary code execution vulnerability when using the File OpenDialog box enabling the attacker to execute any binary he or she chooses including…
The Vulnerability Laboratory Core Research Team discovered an XEE vulnerability in the official Ubnt online service web-application.
The Vulnerability Laboratory Core Research Team discovered an application-side vulnerability in the Django v3.2.3 Content Management System.
This Metasploit module exploits a file upload vulnerability in Kace K1000 versions 5.0 to 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 which allows unauthenticated users to execute…