Active WebCam version 11.5 suffers from an unquoted service path vulnerability.
>> CATEGORY: exploit
Purchase Order Management System version 1.0 suffers from a remote shell upload vulnerability.
Facebook ParlAI version 1.0.0 suffers from a deserialization vulnerability that can allow for code execution.
Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially…
Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 have a web interface called AlphaWeb XE that allows for a remote shell upload.
DMA Softlab Radius Manager version 4.4.0 chained exploit written in go that exploits session management and cross site scripting vulnerabilities.
DMA Softlab Radius Manager version 4.4.0 chained exploit written in go that exploits session management and cross site scripting vulnerabilities.
POMS-PHP version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ECOA building automation systems have hidden backdoor accounts. Many versions are affected.