The FLIR Brickstream 3D+ sensor is vulnerable to unauthenticated config download and file disclosure when calling the ExportConfig REST API (getConfigExportFile.cgi). This will enable the attacker to disclose sensitive…
The FLIR Brickstream 3D+ sensor is vulnerable to unauthenticated and unauthorized live RTSP video stream access.
This Metasploit module exploits a vulnerability in RSH on unpatched Solaris systems which allows users to gain root privileges. The stack guard page on unpatched Solaris systems is of insufficient…
Library CMS version 2.1.1 suffers from a cross site scripting vulnerability.
WordPress Support Board plugin version 1.2.3 suffers from a persistent cross site scripting vulnerability.
An independent vulnerability laboratory researcher discovered a local buffer overflow vulnerability in the official Easy…
HaPe PKH version 1.1 suffers from a remote SQL injection vulnerability.
Cockpit CMS suffers from cross site request forgery, cross site scripting, and traversal vulnerabilities. Version 0.6.2 should address these issues.
Phoenix Contact WebVisit 2985725 suffers from an authentication bypass vulnerability.
Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers…