>> CATEGORY: exploit

LibreHealth version 2.0.0 suffers from arbitrary file read, file delete, and local file inclusion vulnerabilities.

PlayJoom version 0.10.1 suffers from a remote SQL injection vulnerability.

…

Cradlepoint routers suffer from password disclosure, weak password storage, and privilege escalation vulnerabilities.

OOP CMS BLOG version 1.0 suffers from a cross site request forgery vulnerability.

Grocery Crud version 1.6.1 suffers from a remote SQL injection vulnerability.

Blue Server version 1.1 suffers from a denial of service vulnerability.

FaceTime suffers from a stack corruption vulnerability in readSPSandGetDecoderParams.

Dell OpenManage Network Manager exposes a MySQL listener that can be accessed with default credentials. This MySQL service is running as the root user, so an attacker can exploit this…

There is a heap corruption vulnerability in VCPDecompressionDecodeFrame which is called by FaceTime. This bug can be reached if a user accepts a call from a malicious peer.