A vulnerability laboratory researcher (vxrl team) discovered a remote code execution vulnerability in the TortoiseSVN v1…
Azorult Botnet – SQL Injection
Agent Tesla Botnet – Arbitrary Code Execution
Master Data Online version 2.0 suffers from a cross site scripting vulnerability.
Mitel 6869i Voip Deskphone version 4.2.2032 suffer from an unauthenticated command injection vulnerability.
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the…
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated…
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname…
VxWorks 6.8 – TCP Urgent Pointer = 0 Integer Underflow
BSI Advance Hotel Booking System 2.0 – ‘booking_details.php Persistent Cross-Site Scripting