WordPress version 4.9.6 arbitrary file deletion exploit. Original discovery of this vulnerability is attributed to VulnSpy in June of 2018.
Gestionale Open version 11.00.00 suffers from a local privilege escalation vulnerability.
FreeSWITCH versions 1.10.5 and below fail to authenticate SIP SUBSCRIBE requests by default.
FreeSWITCH versions 1.10.6 and below suffer from a denial of service vulnerability when handling invalid SRTP packets.
FreeSWITCH versions 1.10.6 and below suffer from a denial of service vulnerability when handling invalid SRTP packets.
WordPress Plugin Filterable Portfolio Gallery 1.0 – ‘title’ Stored Cross-Site Scripting (XSS)
WordPress Plugin Filterable Portfolio Gallery 1.0 – ‘title’ Stored Cross-Site Scripting (XSS)
OpenClinic GA 5.194.18 – Local Privilege Escalation
Balbooa Joomla Forms Builder 2.0.6 – SQL Injection (Unauthenticated)
Apache HTTP Server 2.4.50 – Remote Code Execution (RCE) (2)