Zimbra versions prior to 8.8.1 suffer from XML external entity injection and server-side request forgery vulnerabilities.
>> CATEGORY: exploit
WordPress Satoshi theme version 2.0 suffers from cross site request forgery and remote file upload vulnerabilities.
Supra Smart Cloud TV suffers from an openLiveURL() remote file inclusion vulnerability.
Rapid7 Windows InsightIDR Agent version 2.6.3.14 suffers from a local privilege escalation vulnerability.
TestLink versions 1.9.19 and below suffers from a server side request forgery vulnerability.
Dell KACE System Management Appliance (SMA) versions prior to 9.0.270 patch SEC2018_20180410 suffers from cross site scripting and remote SQL injection vulnerabilities.
AUO Solar Data Recorder versions prior to 1.3.0 suffer from an incorrect access control vulnerability.
dotCMS version 5.1.1 suffers from cross site scripting and open redirection vulnerabilities.
NUUO NVRMini 2 version 3.9.1 suffers from an sscanf stack overflow vulnerability.
Cisco RV130W version 1.0.3.44 suffers from a remote stack overflow vulnerability.