An independent vulnerability laboratory researcher discovered a remote code execution vulnerability in the official Robo Gallery v2.0.14 WordPress Plugin.
>> CATEGORY: exploit
WordPress Multiple Meta Box plugin version 1.0 suffers from a remote SQL injection vulnerability.
Perli version 2.6 suffers from filter bypass and script insertion vulnerabilities.
Eight Webcom CMS 2016 Q2 suffers from a remote SQL injection vulnerability.
MESS version 0.154-3.1 suffers from a buffer overflow vulnerability.
Quicksilver HQ VoHo Concept4E CMS version 1.0 suffers from multiple remote SQL injection vulnerabilities.
JPEGSnoop versions 1.7.3 and below suffer from a dll hijacking vulnerability.
ExaGrid ships a public/private key pair on their backup appliances to allow passwordless authentication to other ExaGrid appliances. Since the private key is easily retrievable, an attacker can use it…
Some installations of Postgres 8 and 9 are configured to allow loading external scripting languages. Most commonly this is Perl and Python. When enabled, command execution is possible on the…
The GET_CONFIG and GET_PARAMETER calls on IOMX are vulnerable to an information disclosure of uninitialized heap memory. This could be used by an attacker to break ASLR in the media…