Grafana suffers from an unauthorized arbitrary file reading vulnerability. Version 8.3.1 addresses this issue.
ETS Password Recovery Tool allows you to recover passwords for an ETS5 project. This is due to a significant design flaw as ETS5 uses a hard-coded password and salt to…
Simple Online Men’s Salon Management System version 1.0 appears to suffer from a time-based remote SQL injection vulnerability.
HCL Lotus Notes version 12 suffers from an unquoted service path vulnerability.
Microsoft Internet Explorer suffers from an ActiveX-related bypass vulnerability. Microsoft will not address the issue as it is end of life.
RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in…
Croogo version 3.0.2 suffers from an authenticated remote code execution vulnerability.
RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged users to access passwords of administrative user accounts. Affected versions include…
The recent commit #9c4440 introduces two vulnerabilities to libcontainer that can be exploited by an attacker with partial control over the bind mount sources of a new container.
RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the “sub-admin” privilege to access any files on the PBX’s…