>> CATEGORY: exploit

IBM Cognos TM1 Server / Planning Analytics Server (TM1) suffers from a configuration overwrite vulnerability that can be leveraged to achieve code execution as SYSTEM via TM1 scripting. Extensive research…

Micro Focus Vibe version 4.0.6 suffers from a cross site scripting vulnerability.

WordPress StatTraq plugin versions 1.3.0 and below suffer from a remote SQL injection vulnerability.

Soluzione Globale Ecommerce CMS version 1 suffers from a remote SQL injection vulnerability.

Easy RM to MP3 Converter version 2.7.3.700 suffers from an Input local buffer overflow vulnerability.

Jinfornet Jreport version 15.6 suffers from an unauthenticated directory traversal vulnerability.

Everest version 5.50.2100 suffers from a denial of service vulnerability.

ECK Hotel version 1.0 suffers from a cross site request forgery vulnerability.

Centreo version 19.10.8 suffers from a DisplayServiceStatus remote code execution vulnerability.

Linux kernel versions starting at 4.10 and below 5.1.7 PTRACE_TRACEME local root exploit that uses the pkexec technique.