RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access…
>> CATEGORY: exploit
DuckDuckGo version 7.64.4 suffers from an address bar spoofing vulnerability.
Trojan.Win32.Mucc.ivk malware suffers from an unquoted service path vulnerability.
Online Pre-Owned / Used Car Showroom Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
M-Files Web versions prior to 20.10.9524.1 and M-Files Web versions prior to 20.10.9445.0 contain an improper range header processing vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping…
Backdoor.Win32.Vernet.axt malware suffers from an insecure permissions vulnerability.
Backdoor.Win32.Bionet.10 malware suffers from bypass and code execution vulnerabilities.
Online Magazine Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
WordPress DZS Zoomsounds plugin version 6.45 suffers from an unauthenticated arbitrary file read vulnerability.
Backdoor.Win32.WinShell.50 malware suffers from a hard-coded password vulnerability.