CVE-2017-10948
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Zomato Clone Script SQL Injection Vulnerability
Zomato Clone Script is a clone script. A SQL injection vulnerability exists in the restaurant-menu.php resid parameter of Zomato Clone Script, which can be exploited by an attacker to access or modify database data...
Sonicwall WXA5000 1.3.2-10-30 Console Jail Escape / Privilege Escalation
KL-001-2017-019 : Sonicwall WXA5000 Console Jail Escape and Privilege Escalation Title: Sonicwall WXA5000 Console Jail Escape and Privilege Escalation Advisory ID: KL-001-2017-019 Publication Date: 2017.10.24 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-019.txt 1...
CVE-2017-2131
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB10004.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors...
Authentication flaw
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB10004.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors...
JVN#54795166: Home unit KX-HJB1000 contains multiple vulnerabilities
Home unit KX-HJB1000 provided by Panasonic Corporation is a control system for home network. Home unit KX-HJB1000 contains multiple vulnerabilities listed below. Improper access control - CVE-2017-2131 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base...
Stable Channel Updates for Chrome OS
The Stable channel has been updated to 61.0.3163.113 (Platform version: 9765.76.0) for most Chrome OS devices. This build contains a number of bug fixes, security updates, and feature enhancements. Systems will be receiving updates over the next several days. Some highlights of these changes are:...
Cross site request forgery (csrf)
In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request...
CVE-2017-14765
In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request...
CVE-2017-14765
CVE-2017-14765 corresponds to a cross-site scripting (XSS) issue in GeniXCMS 1.1.4. The vulnerability is reported as XSS via the Menu ID field in gxadmin/index.php when handling a page=menus request, indicating unsanitized input in that field. The connected advisories reference GeniXCMS 1.1.4/1.1...
GeniXCMS gxadmin/index.php file cross-site scripting vulnerability
MetalGenix GeniXCMS is a PHP-based content management system and framework (CMSF) from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A cross-site scripting vulnerability exists in the gxadmin/index.php file in MetalGenix GeniXCMS version...
MSFPC - MSFvenom Payload Creator
MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on the user's choice. The idea is to be as simple as possible, only requiring one input to produce their payload. Fully automating msfvenom & Metasploit is the end goal, as well as to be able to automate MSFPC...
September 12, 2017—KB4038788 (OS Build 15063.608)
September 12, 2017—KB4038788 OS Build 15063.608 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where the color profiles do not revert to the user-specified settings after...
Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2017-32848)
Dolibarr ERP/CRM is an open source software/freeware for small and medium-sized businesses, organizations or freelancers. It includes different features such as Enterprise Resource Planning (ERP) and Customer Relationship Management (CRM), as well as applications for other different activities. A SQL...
UBUNTU-CVE-2017-14238
SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the menuId parameter...
NMapGUI - Advanced Graphical User Interface for NMap
NMapGUI is an advanced graphical user interface for the NMap network analysis tool. It extends and eases the typical usage of NMap by providing a visual and fast interface with the application. If you have any questions about NMapGUI usage or want to get in contact with me, please visit: Twitt...
Cybozu Garoon 3.5.0 - 4.2.5 DoS Vulnerability
Cybozu Garoon is prone to a denial of service (DoS) vulnerability. CPE = "cpe:/a:cybozu:garoon";...