>> CATEGORY: exploit

Verint Impact 360 version 15.1 suffers from a cross site request forgery vulnerability.

BIG-IP versions 15.0.0 through 15.1.0.3, 14.1.0 through 14.1.2.5, 13.1.0 through 13.1.3.3, 12.1.0 through 12.1.5.1, and 11.6.1 through 11.6.5.1 suffer from Traffic Management User Interface (TMUI) arbitrary file read and command…

Client Management System version 1.0 suffers from a remote SQL injection vulnerability.

Teachers Record Management System version 1.0 suffers from a remote SQL injection vulnerability.

Cyber Cafe Management System from phpgurukul.com suffers from multiple remote SQL injection vulnerabilities. One allows for authentication bypass.

BSA Radar version 1.6.7234.24750 suffers from a local file inclusion vulnerability.

Apartment Visitors Management System Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

This Metasploit module exploits multiple vulnerabilities together in order to achieve remote code execution in Trend Micro Web Security versions prior to 6.5 SP2 Patch 4 (Build 1901).

Zyxel Armor X1 WAP6806 suffers from a directory traversal vulnerability.

Oracle Solaris 11 Device Driver Utility version 1.3.1 suffers from an insecure use of /tmp that can allow for a race condition which leads to privilege escalation. Included exploit provides…