>> CATEGORY: exploit

Ipswitch MOVEit Mobile versions 1.2.0.962 and below suffer from a reflective cross site scripting vulnerability.

Ipswitch MOVEit Mobile versions 1.2.0.962 and below suffer from a cross site request forgery vulnerability.

Ipswitch MOVEit DMZ versions 8.1 and below suffer from a file id enumeration vulnerability.

Ipswitch MOVEit DMZ versions 8.1 and below suffer from a persistent cross site scripting vulnerability.

Ipswitch MOVEit DMZ versions 8.1 and below suffer from an authorization bypass vulnerability.

Horizon HD / WiFi suffers from a weak wifi passphrase generation vulnerability.

WordPress Appointment Booking Calendar plugin version 1.1.24 suffers from a remote SQL injection through addslashes.

An independent vulnerability laboratory researcher discovered a filter bypass and persistent vulnerability in the official Trend Micro DirectPass web-application.

An independent vulnerability laboratory research group discovered a sql injection web vulnerability in the official New Era Company content management system (2016-Q1).