Synology Video Station version 1.5-0757 suffers from remote command injection and SQL injection vulnerabilities.
>> CATEGORY: exploit
Synology Download Station versions 3.5-2956 and 3.5-2962 suffer from multiple cross site scripting vulnerabilities.
SAP NetWeaver AS Java version 7.4 suffers from multiple XXE vulnerabilities. An attacker can read an arbitrary file on a server by sending a correct XML request with a crafted…
Android Stagefright remote code execution exploit that leverages an integer overflow in the libstagefright MP4 ‘stsc’ atom handling.
WordPress Easy Media Gallery plugin version 1.3.47 suffers from a stored cross site scripting vulnerability.
VeryPDF HTML Converter version 2.0 SEH/ToLower() bypass buffer overflow exploit.
IBM AIX High Availability Cluster Multiprocessing (HACMP) suffers from a local privilege escalation vulnerability that results in root privileges.
DirectAdmin web control panel version 1.483 suffers from cross site request forgery and cross site scripting vulnerabilities.
Autoexchanger version 5.1.0 suffers from a cross site request forgery vulnerability.