Bitrix mcart.xls module versions 6.5.2 and below suffer from a remote SQL injection vulnerability.
>> CATEGORY: exploit
ManageEngine Application Manager version 12.5 remote command execution exploit.
ManageEngine Application Manager 12 suffers from cross site request forgery, privilege escalation, and cross site scripting vulnerabilities.
Telisca IPS Lock 2 suffers from an unauthenticated phone unlocking vulnerability. Metasploit module included.
Microsoft IExpress suffers from a DLL hijacking vulnerability.
dbsudio version R1 2.14.4 and DNS-SD version 379.32.2 suffer from an unquoted search path issue impacting the service ‘dbaudio DNS-SD’ for Windows deployed as part of dbaudio R1. This could…
Roundcube version 1.1.3 suffers from a path traversal vulnerability.
EasyDNNnews versions prior to 7.5 suffer from a cross site scripting vulnerability.
WordPress Commentator plugin version 2.5.2 suffers from a cross site scripting vulnerability.
Printer virtualization under VMware Workstation involves a vprintproxy.exe process launched by vmware-vmx.exe on the Host. It will receive and process EMFSPOOL files sent by a Guest on its COM1 port,…