>> CATEGORY: exploit

Tails versions 1.6 and below suffers from an information leak vulnerability via a symlink attack.

b374k web shell versions 2.8 and 3.2.3 suffer from a cross site request forgery vulnerability that allows for remote command injection.

OpenBSD net-snmp suffers from a credential and information disclosure vulnerability.

PHP Vacation Rental Script version 7R suffers from cross site request forgery and cross site scripting vulnerabilities.

FBZX versions 2.10 and below are prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could exploit this issue…

WordPress WP Fastest Cache plugin version 0.8.4.8 suffers from a remote blind SQL injection vulnerability.

The install script for IBM Installation Manager version 1.8.1 suffers from a /tmp race condition.

Multiple Checkpoint.com subdomains suffered from cross site scripting vulnerabilities.

The Vulnerability Laboratory Core Research Team discovered multiple client-side cross site request forgery vulnerabilities in the official Magento online service web-application.