>> CATEGORY: exploit

LabVantage version 8.3 suffers from an information disclosure vulnerability.

WordPress Fruitful theme version 3.8 suffers from a persistent cross site scripting vulnerability.

The TrustedInstaller service running on the Microsoft Windows operating system hosts a COM service called Sxs Store Class; its ISxsStore interface provides methods to install/uninstall assembles via application manifests files…

SWAPGS attack proof of concept exploit that demonstrates an information disclosure in the windows kernel.

phpMyChat Plus version 1.98 suffers from a remote SQL injection vulnerability.

EPSON EasyMP Network Projection version 2.81 suffers from an unquoted service path vulnerability.

HomeGuard Pro version 9.3.1 suffers from an insecure folder permission vulnerability.

SprintWork version 2.3.1 suffers from a local privilege escalation vulnerability.

SweynTooth captures a family of 12 vulnerabilities (more under non-disclosure) across different Bluetooth Low Energy (BLE) software development kits (SDKs) of six major system-on-a-chip (SoC) vendors. The vulnerabilities expose flaws…

WordPress Ultimate-Member plugin version 2.1.3 suffers from a local file inclusion vulnerability.