QiHang Media Web Digital Signage version 3.0.9 suffers from an unauthenticated arbitrary file deletion vulnerability.
>> CATEGORY: exploit
QiHang Media Web Digital Signage version 3.0.9 suffers from an arbitrary file disclosure vulnerability.
QiHang Media Web Digital Signage version 3.0.9 suffers from a pre-authentication remote code execution vulnerability.
On Microsoft Windows 10 1909, LSASS does not correctly enforce the Enterprise Authentication Capability which allows any AppContainer to perform network authentication with the user’s credentials.
GetSimple CMS Multi User plugin version 1.8.2 suffers from multiple cross site request forgery vulnerabilities.
This Metasploit module exploits a logic bug within the template rendering code in vBulletin 5.x. The module uses the vBulletin template rendering functionality to render the widget_tabbedcontainer_tab_panel template while also…
Fuel CMS version 1.4.7 suffers from an authenticated remote SQL injection vulnerability.
SugarCRM versions prior to 10.1.10 suffer from multiple cross site scripting vulnerabilities.
SugarCRM versions prior to 10.1.10 suffer from a remote SQL injection vulnerability.
Avian JVM version 1.2.0 suffers from a silent return issue in the vm::arrayCopy method defined in classpath-common.h, where multiple boundary checks are performed to prevent out-of-bounds memory read/write. One of…