>> CATEGORY: exploit

Centreon version 2.6.1 suffers from a remote shell upload vulnerability.

An independent vulnerability laboratory researcher discovered a buffer overflow vulnerability in the IconLover v5.4.2 and v5.4.5 software.

The Vulnerability Laboratory Core Research Team discovered an arbitrary file upload web vulnerability in the Photos in Wifi v1.0.1 iOS mobile web-application.

The Vulnerability Laboratory Research Team discovered an application-side input validation exception-handling web vulnerability in the official Flowdock online service web-application.

An independent vulnerability laboratory researcher discovered a code execution vulnerability in the official WInRAR SFX v5.21 software.

4images versions 1.7.11 and below suffer from a persistent cross site scripting vulnerability.

Junos Pulse Secure Meeting version 8.0.5 allows an attacker to enter “secure” meetings without knowledge of the password and the invitation link using the java fat client (meetingAppSun.jar).

VuFind version 1.0 suffers from a cross site scripting vulnerability.

The Good Mobile Device Management solution suffers from an insecure application-coupling vulnerability.

WinRaR SFX remote code execution exploit that just requires a malicious file to get loaded.