Perten Instruments Process Plus Software 1.11.6507.0 LFI / Hardcoded Credentials
Authored by T. Weber, S. Dietz | Site cyberdanube.com
Perten Instruments Process Plus Software versions 1.11.6507.0 and below suffer from local file inclusion, hardcoded credential, and execution with unnecessary privilege...
PowerVR Dangling Page Table Entry
Authored by Jann Horn, Google Security Research
PowerVR has an issue with missing tracking of multiple sparse mappings in DevmemIntChangeSparse2() that leads to a dangling page table entry.
advisories | CVE-2024-34729
Agop CMS 1.0 Insecure Direct Object Reference
Authored by indoushka
Agop CMS version 1.0 suffers from an insecure direct object reference vulnerability.
Candy Redis 2.1.2 Admin Page Disclosure
Authored by indoushka
Candy Redis version 2.1.2 appears to suffer from an administrative page disclosure issue.
Clenix 1.0 Insecure Direct Object Reference
Authored by indoushka
Clenix version 1.0 suffers from an insecure direct object reference vulnerability.
eStore CMS 2.0 SQL Injection
Authored by indoushka
eStore CMS version 2.0 suffers from a remote SQL injection vulnerability.
Xhibiter NFT Marketplace 1.10.2 Cross Site Scripting
Authored by indoushka
Xhibiter NFT Marketplace version 1.10.2 suffers from a cross site scripting vulnerability.
Adobe Commerce / Magento Open Source XML Injection / User Impersonation
Authored by RedWay Security | Site github.com
Adobe Commerce and Magento Open Source are affected by an XML injection vulnerability that could result in arbitrary code execution. An attacker could...
Collateral Damage CVE-2024-30088 Privilege Escalation
Authored by carrot_c4k3, landaire | Site github.com
Collateral Damage is a kernel exploit for Xbox SystemOS using CVE-2024-30088. It targets Xbox One and Xbox Series consoles running kernel versions 25398.4478,...
Ghostscript Command Execution / Format String
Authored by Thomas Rinsma, Christophe de la Fuente | Site metasploit.com
This Metasploit module exploits a format string vulnerability in Ghostscript versions before 10.03.1 to achieve a SAFER sandbox bypass...





