>> CATEGORY: exploit

TP-Link TL-WA850RE suffers from a remote command execution vulnerability.

Apache CouchDB versions prior to 2.1.0 remote code execution proof of concept exploit.

Orchid Core VMS is vulnerable to a directory traversal attack. This affects Linux and Windows operating systems. This allows a remote, unauthenticated attacker to send crafted GET requests to the…

LFCMS version 3.7.0 suffers from an add user cross site request forgery vulnerability.

NewMark CMS version 2.1 suffers from a remote SQL injection vulnerability.

The vulnerability laboratory core research team discovered an application-side validation and filter bypass vulnerabilit…

The activator for Desktop Bridge applications calls CreateAppContainerToken while running as a privileged account leading to creation of arbitrary object directories leading to privilege escalation.

The handling of the virtual registry for desktop bridge applications can allow an application to create arbitrary files as system resulting in privilege escalation. This is because the fix for…

Tapplock Smart Lock suffers from multiple insecure direct object reference vulnerabilities.

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace (aka eval) modifier, which might allow remote attackers…