GeoServer < 2.19.6 Insecure Deserialization

According to its banner, the version of GeoServer running on the remote host is prior to 2.19.6 or 2.20.0 2.20.4. It is, therefore, affected by an Insecure Deserialization Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...

CVE-2020-15152 Server-Side Request Forgery in ftp-srv

ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a...

CoolPlayer+ Portable 2.19.6 Stack Overflow

Exploit Title: CoolPlayer+ Portable build 2.19.6 - .m3u Stack Overflow Egghunter+ASLR bypass Exploit Author: Karn Ganeshen Download link: https://sourceforge.net/projects/portableapps/files/CoolPlayer%2B%20Portable/CoolPlayerPlusPortable2.19.6.paf.exe/download?usemirror=liquidtelecom Version:...

JVN#65542239 Hyper NIKKI System allows unauthorized email submission

Impact An attacker could use the server to send unauthorized emails. In addition, when the server provides email service, the attacker could possibly conduct a DoS attack by generating many bounced emails. Solution Products Affected hns-2.19.6 hns-lite-2.19.6 and earlier On March 8 2006, the vend...