DotNetNuke Events Calendar module version 1.x suffers from a file download vulnerability.
>> CATEGORY: exploit
SeoToaster Ecommerce version 3.0.0 suffers from a local file inclusion vulnerability.
phpTransformer version 2016.9 suffers from a remote SQL injection vulnerability.
phpTransformer version 2016.9 suffers from a directory traversal vulnerability.
Joomla! version 3.9.1 suffers from a persistent cross site scripting vulnerability in the global configuration textfilter settings.
Kentix MultiSensor-LAN versions 5.63.00 and below suffer from an authentication bypass vulnerability. The web based application is not using a usual session concept with a session cookie for managing authenticated…
Microsoft Edge has an issue where NewScObjectNoCtor and InitProto opcodes are treated as having no side effects, but actually they can have via the SetIsPrototype method of the type handler…
Check Point ZoneAlarm version 8.8.1.110 suffers from a local privilege escalation vulnerability.
In Microsoft Edge, the JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode method is used to execute JsBuiltIn.js which initializes some builtin objects. Because it is essentially written in JavaScript, it needs to clear the disable-implicit-call flag…
Joomla ZHYandexMap component version 8.0.0.2 suffers from a database disclosure vulnerability.