Microsoft Windows has a flaw where a contact file can be leveraged with a malicious mailto: link to achieve code execution.
>> CATEGORY: exploit
DNN version 9.1 suffers from a cross site scripting issue that can be achieved via an XML vulnerability.
Abantecart version 1.2.12 suffers from a cross site scripting vulnerability.
Coppermine version 1.5.46 suffers from multiple cross site scripting vulnerabilities.
Ghostscript has an issue with pseudo-operators that can lead to remote code execution. Version 9.26 is affected.
This Metasploit module attempts to gain root privileges on Linux systems using setuid executables compiled with AddressSanitizer (ASan). ASan configuration related environment variables are permitted when executing setuid executables built…
Pydio / AjaXplorer versions 5.0.3 and below suffer from directory traversal and remote shell upload vulnerabilities.
Kepler Wallpaper Script version 1.1 suffers from a remote SQL injection vulnerability.
Linux kernel version 4.13 suffers from a compat_get_timex() kernel pointer leak vulnerability.
Joomla FPSS Art Frontpage Slideshow component version 1.6.0 suffers from database disclosure, open redirection, and remote SQL injection vulnerabilities.