>> CATEGORY: exploit

FlexHEX version 2.71 SEH buffer overflow exploit.

River Past Cam Do version 3.7.6 suffers from an activation code local buffer overflow vulnerability.

Bolt CMS version 3.6.6 suffers from cross site request forgery and code execution vulnerabilities.

WordPress Limit Login Attempts Reloaded plugin version 2.7.4 suffers from a login limit bypass vulnerability.

CentOS Web Panel versions 0.9.8.793 (Free) and 0.9.8.753 (Pro) suffer from an email field persistent cross site scripting vulnerability.

AllPlayer version 7.4 SEH unicode buffer overflow exploit.

Apache versions 2.4.17 up to 2.4.38 apache2ctl graceful logrotate local privilege escalation exploit.

Open-Xchange AppSuite versions 7.10.1 and below suffer from information exposure and improper access control vulnerabilities.

Administrative credentials submitted to the Arris Touchstone TG1672 are sent over HTTP base64 encoded in a GET request.

WordPress Form Maker plugin version 1.13.2 suffers from cross site request forgery and local file inclusion vulnerabilities.