Chrome suffers from a MediaElementEventListener::UpdateSources use-after-free vulnerability.
NodeBB Forum versions 1.12.2 through 1.14.2 suffer from an account takeover vulnerability.
TimeClock Software version 1.01 suffers from an authenticated time-based remote SQL injection vulnerability.
Guild Wars 2 suffers from an insecure folder permissions vulnerability.
berliCRM version 1.0.24 suffers from a remote SQL injection vulnerability.
Battle.Net version 1.27.1.12428 suffers from a privilege escalation vulnerability due to insecure file permissions.
xls2csv version 0.95 suffers from three overflow, one malloc failure, one memory leak, and two null pointer dereference vulnerabilities. Proof of concept code and ASAN analysis are included.
Cisco ASA and FTD version 9.6.4.42 suffer from a path traversal vulnerability.
Online Student’s Management System suffers from multiple unauthenticated remote SQL injection vulnerabilities. No version is provided for this software but a fix was verified by the author on October 7,…
SEO Panel version 4.6.0 suffers from a remote code execution vulnerability.