WordPress Slider By Soliloquy plugin version 2.6.2 suffers from a persistent cross site scripting vulnerability.
>> CATEGORY: exploit
This Metasploit module exploits a vulnerability in Ubuntu’s implementation of overlayfs. The vulnerability is the result of failing to verify the ability of a user to set the attributes in…
WordPress All-In-One Video Gallery plugin versions 2.4.9 and below suffer from a local file inclusion vulnerability.
Backdoor.Win32.WinShell.50 malware suffers from a hard-coded password vulnerability.
OrbiTeam BSCW Server versions 5.0.x, 5.1.x, 5.2.4 and below, 7.3.x and below, and 7.4.3 and below suffer from path traversal, cross site scripting, HTTP header, session object manipulation, local file…
Android’s vold’s incremental-fs APIs trust paths from system_server for mounting. There is supposed to be privilege separation between vold (TCB) and system_server (privileged process). However, vold’s IPC handlers related to…
Online Enrollment Management System in PHP and PayPal version 1.0 suffers from a persistent cross site scripting vulnerability.
Advanced Comment System version 1.0 suffers from a remote command execution vulnerability.
NSS (Network Security Services), Mozilla project’s cross-platform security library, suffers from a memory corruption flaw when validating ECDSA signatures.
MilleGPG5 version 5.7.2 Luglio 2021 suffers from a local privilege escalation vulnerability.