WordPress Colorbox Lightbox plugin version 1.1.2 suffers from a persistent cross site scripting vulnerability.
>> CATEGORY: exploit
WordPress Responsive Lightbox2 plugin version 1.0.2 suffers from a persistent cross site scripting vulnerability.
XenForo version 2.1.0 Patch 2 suffers from a cross site scripting vulnerability.
WordPress Fancybox Lightbox plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz’s unauthenticated XML-RPC endpoint /webtools/control/xmlrpc for versions prior to 17.12.04.
Samsung Android suffers from a heap buffer overflow vulnerability and other issues in the Skia Qmage image codec.
This Metasploit module exploits an authenticated arbitrary command execution vulnerability within the ‘server’ GET parameter of the /uapi-cgi/testaction.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx…
Artica Proxy version 4.3.0 suffers from an authentication bypass vulnerability.
On Android, app zygotes do not properly guard against UID reuse attacks, leak AID_READPROC, and expose mlstrustedsubject.
WordPress Sell Photo plugin version 1.0.5 suffers from a persistent cross site scripting vulnerability.