KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers from a privilege escalation vulnerability. The non-privileged default user (user:user123) can elevate his/her privileges by sending a HTTP GET request to the…

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers an insufficient session expiration. This occurs when the web application permits an attacker to reuse old session credentials or session IDs for…

FastStone Image Viewer version 7.5 stack-based buffer overflow exploit with ASLR and DEP bypass.

Microsoft Exchange 2019 proxylogon server-side request forgery to arbitrary file write exploit.

Sony Playstation 4 (PS4) versions prior to 7.55 webkit jailbreak exploit.

VestaCP version 0.9.8 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting was discovered in this version in February of 2016 by Necmettin COSKUN.

rConfig version 3.9.6 suffers from a remote shell upload vulnerability.

VFS for Git version 1.0.21014.1 suffers from an unquoted service path vulnerability.

SEO Panel version 4.8.0 suffers from a remote blind SQL injection vulnerability.