>> CATEGORY: exploit

GSearch version 1.0.1.0 suffers from a denial of service vulnerability.

GrandNode versions 4.40 and below suffer from arbitrary file download and path traversal vulnerabilities.

dotProject version 2.1.9 suffers from multiple remote SQL injection vulnerabilities.

SeedDMS versions prior to 5.1.11 suffers from persistent cross site scripting vulnerability in out.UsrMgr.php.

SeedDMS versions prior to 5.1.11 suffers from a remote shell upload vulnerability.

SeedDMS versions prior to 5.1.11 suffers from persistent cross site scripting vulnerability in out.GroupMgr.php.

The IDAL HTTP server is vulnerable to a stack-based buffer overflow when receiving a large host header in a HTTP request. The host header value overflows a buffer and overwrites…

Fortinet’s FortiCam FCM-MB40 product suffers from root code execution, privilege escalation, hardcoded key, and various other vulnerabilities.

The IDAL HTTP server is vulnerable to memory corruption through insecure use of user supplied format strings. An attacker can abuse this functionality to bypass authentication or execute code on…

Microsoft Windows suffers from a CmpAddRemoveContainerToCLFSLog arbitrary file and directory creation vulnerability that allows for elevation of privilege.