SOUND4 IMPACT/FIRST/PULSE/Eco 2.x dns.php Command Injection
Authored by LiquidWorm | Site zeroscience.mk
SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from a conditional command injection vulnerability in dns.php.
Change Mirror Download
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (dns.php) Conditional Command InjectionVendor: SOUND4...
Spitfire CMS 1.0.475 PHP Object Injection
Authored by LiquidWorm | Site zeroscience.mk
Spitfire CMS version 1.0.475 is prone to a PHP object injection vulnerability due to the unsafe use of unserialize() function. A potential attacker, authenticated,...
CANAL+ / Microsoft PlayReady Cryptography Shortcomings / Authorization Bypass
Authored by Adam Gowdiak | Site security-explorations.com
Security Explorations conducted a security analysis of Microsoft Play Ready content protection technology in the environment of the CANAL+ SAT TV provider. As...
Trojan-Dropper.Win32.Decay.dxv (CyberGate 1.00.0) MVID-2022-0664 Insecure Proprietary Password Encryption
Authored by malvuln | Site malvuln.com
Trojan-Dropper.Win32.Decay.dxv (CyberGate 1.00.0) malware suffers from an insecure proprietary password encryption vulnerability.
Change Mirror Download
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source:...
Shoplazza 1.1 Cross Site Scripting
Authored by Andrey Stoykov
Shoplazza version 1.1 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: Shoplazza 1.1 - Stored Cross Site Scripting# Exploit Author: Andrey Stoykov#...
Backdoor.Win32.InCommander.17.b MVID-2022-0665 Hardcoded Credentials
Authored by malvuln | Site malvuln.com
Backdoor.Win32.InCommander.17.b malware suffers from a hardcoded credential vulnerability.
Change Mirror Download
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/dd76d8a5874bf8bf05279e35c68449ca.txtContact: [email protected]: twitter.com/malvulnBackup media:...
Ransom.Win64.AtomSilo MVID-2022-0666 Cryptography Logic Flaw
Authored by malvuln | Site malvuln.com
Ransom.Win64.AtomSilo malware suffers from a cryptography logic flaw.
Change Mirror Download
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/5559e9f5e1645f8554ea020a29a5a3ee.txtContact: [email protected]: twitter.com/malvulnBackup media:...
Intelbras WiFiber 120AC inMesh 1.1-220216 Command Injection
Authored by T. Weber | Site cyberdanube.com
Intelbras WiFiber 120AC inMesh version 1.1-220216 suffers from an authenticated command injection vulnerability.
advisories | CVE-2022-40005
Change Mirror Download
CyberDanube Security Research 20221009-0------------------------------------------------------------------------------- ...
SAP@ Host Agent Privilege Escalation
Authored by Fabian Hagg | Site sec-consult.com
SAP@ Host Agent suffers from a privilege escalation vulnerability.
advisories | CVE-2022-35295
Change Mirror Download
SEC Consult Vulnerability Lab Security Advisory < 20221213-0 >======================================================================= ...
ILIAS eLearning 7.15 Command Injection / XSS / LFI / Open Redirect
Authored by Anna Hartig, Niklas Schilling, Constantin Schwarz | Site sec-consult.com
ILIAS eLearning versions 7.15 and below suffer from authenticated command injection, persistent cross site scripting, local file inclusion, and...





