>> CATEGORY: exploit

OpenDocMan version 1.3.2. suffers from a cross site scripting vulnerability.

Checkmarx CxQL versions 7.1.5 and below suffer from a sandbox bypass vulnerability.

Zhone ADSL2+ 4P Bridge bridge and router suffers from authentication bypass and information disclosure vulnerabilities.

This Metasploit module will bypass Windows UAC by utilizing the missing .manifest on the script host cscript/wscript.exe binaries.

This Metasploit module will install a payload that is executed during boot. It will be executed either at user logon or system startup via the registry value in “CurrentVersionRun” (depending…

An independent vulnerability laboratory researcher discovered an authentication bypass vulnerability in the official Virtual Freer v1.57 web-application.

The Vulnerability Laboratory Core Research Team discovered an application-side input validation web vulnerability in the official Shopify online service web-application.

The Vulnerability Laboratory Core Research Team discovered a script code inject web vulnerability in the official Shopify online service web-application.

An independent vulnerability laboratory researcher discovered multiple remote vulnerabilities in the official Zhone ADSL2+ 4 Port Wireless Bridge & Router (Broadcom).

Cerb version 7.0.3 suffers from a cross site request forgery vulnerability.