FlexAir Access Control versions 2.3.38 and below remote root command injection exploit.
cb717b6ad90bc22e69a5212d52b87a75df347efe9a4d23597caf7aa0014e3f70Whitepaper called I Own Your Building (Management System). It discusses various systems used to manage buildings and associated vulnerabilities with them.
ff76ce112f91478ee9e0a757f659ce695f5c01de979be62af818e2f7a2659621Linear eMerge50P/5000P 4.6.07 remote code execution exploit.
1c8c73c8e7225f43b4980da9440953c70717fce0b2c066cb414a097b8ce59ed3Computrols CBAS-Web versions 19.0.0 and below unauthenticated remote command injection exploit.
2625854a601ed5d2bf080e9961100c719f824891f08c781adbbfbda8c715689aVTech DigiGo with firmware 83.60630 suffers from a browser overlay attack vulnerability.
a08bb9d4f448fbb6f9f63a559f19f3797bec827496e85a2dc0d075a49501d4feVTech DigiGo with firmware version 83.60630 fails to perform validation of TLS certificates.
f9da9299e285b5c8f647f4ba06b7a3c22775d378407e62fae4db31ce2e6430e4VTech DigiGo with firmware version 83.60630 fails to perform certificate pinning in some flows.
fbc2e5441ec18dd6ee8c571c38633af18aa0a410698dad29af738dc875633979Virtuozzo Power Panel (VZPP) and Automator version 6.1.2 suffers from a buffer over-read vulnerability.
7be26c32161b9c5bdd16002cd161843f760e5431f129b4470ea901ed6ebe8986WordPress version 4.5.3 Press This Function suffers from a cross site request forgery vulnerability that can cause a denial of service condition.
de145ef3bc873acf8a99d1111a4fd9c6935562c58f6699d854cbf9913dc87e88WordPress Image Gallery plugin version 1.9.65 suffers from a persistent cross site scripting vulnerability.
0bb0d94ef5393df1da4ec3d3dd81c9738261921d4c15cfd9d9d4d0d680c19febWordPress Instagram Feed plugin version 1.4.6.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
8c232c763429aed63e5b28b16fa33e0f73a8715bf58d2dc309b8f4d2b55e9e39WordPress W3 Total Cache plugin version 0.9.4.1 suffers from a cross site scripting vulnerability.
dad348fbfcafead56be5e0cbe894d149a654cc0e0a985c5d4ecbd785eae06fffAn information disclosure vulnerability was found in the W3 Total Cache plugin. This issue allows an attacker to hijack sensitive information, such as the administrator's session cookie. Exploiting the vulnerability is possible during a short period of time when an administrator submits the support form. Version 0.9.4.1 is affected.
7a6aaf418ea8e714659aa334b04274d3631ce06a115fe6141fe555d1aa58a51dWordPress Google Maps plugin version 6.3.14 suffers from a cross site request forgery vulnerability.
f561f52225402b48f3f253963d3a14e7732f445a9eb81cedba6aa67394d63d00A vulnerability in the validation of Amazon SNS messages was found in the W3 Total Cache plugin. This issue allows an attacker to perform a variety of actions concerning the server's cache, which may result in a denial of service attack. Version 0.9.4.1 is affected.
59cce5048bc779a87a1b48d11a7eaae8585ecf4fcf88a05433fae03944d7dfd8WordPress Woocommerce version 2.6.2 suffers from an API related cross site scripting vulnerability.
966ca6305221b6545964485545c9145c5f9af5bec2754630836e28af8722fec3WordPress InfiniteWP Admin Panel version 2.8.0 suffers from an authorization bypass vulnerability.
f0a3fd0adecee87dc4703e392a9724bd2a0c46a482e40d6e291bed9f76b941deWordPress InfiniteWP Admin Panel version 2.8.0 suffers from a command injection vulnerability.
9a2f56e0d388524d1d706460eeac6bad439c42e829699ec509f6b08b7ba95106WordPress MailPoet Newsletters 2.7.2 suffers from a cross site scripting vulnerability.
40cda53c6d2f269be14469db80a095b9ca3c018394ed435682d0e8b2bf87c80fWordPress All-In-On Security and Firewall plugin version 4.1.2 suffers from multiple CAPTCHA bypass vulnerabilities.
c84fb0a5553b928adc93a094721388affd5ba2494ec669021d333fcfb5d92381
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed