XMB – eXtreme Message Board version 1.9.11.13 suffers from weak crypto and insecure password storage vulnerabilities.
>> CATEGORY: exploit
This Metasploit module writes and spawns a native payload on an android device that is listening for adb debug messages.
pfSense Firewall version 2.2.5 cross site request forgery exploit.
An independent vulnerability laboratory research group discovered an auth bypass (pre-auth) web vulnerability in the official Classic Infomedia (Login) CMS (2016-Q1).
The fix for CVE-2015-2553 can be bypassed to get limited mount reparse points working again for sandbox attacks by abusing anonymous token impersonation.
The fix for CVE-2015-2553 can be bypassed to get limited mount reparse points working again for sandbox attacks.
An independent vulnerability laboratory research group discovered multiple vulnerabilities in the official Kleefa v1.7 content management system.
118 Telecom’s website suffers from a cross site scripting vulnerability.
Avast Sandbox/Autosandbox message filtering suffers from a flaw that allows for privilege escalation.
xwpe versions 1.5.30a-2.1 and below are prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input.