The Q1 vulnerability pulse
Welcome to this week's edition of the Threat Source newsletter. The first quarter of 2026 passed faster than a misconfigured firewall rule gets exploited -- and the last few weeks have been firmly stamped with the "software supply chain compromise" label, with headlines surrounding incidents...
CVE-2026-0964
A malicious SCP server can send unexpected paths that could make the client application override local files outside of the working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue...
EUVD-2013-7218
Malware in sbrugna...
EUVD-2013-0004
Malware in sbrugna...
Exploit for Code Injection in Phpmyadmin
minervais.com.phpMyAdminRCE.sh phpMyAdmin '/scripts/setup.php'...
Tizen Studio 1.3 Smart Development Bridge Buffer Overflow
Exploit Title: Smart Development Bridge =2.3.2 part of Tizen Studio 1.3 Windows x86/x64 - Buffer Overflow PoC Date: 22.10.17 Exploit Author: Marcin Kopec Vendor Homepage: https://developer.tizen.org/ Software Link: https://developer.tizen.org/development/tizen-studio/download Version: 2.3.0, 2.3....
GLPI 0.85.5 Remote Code Execution / File Upload
Exploit Title: GLPI 0.85.5 RCE through file upload filter bypass Date: September 7th, 2015 Exploit Author: Raffaele Forte Vendor Homepage: http://www.glpi-project.org/ Software Link: https://forge.glpi-project.org/attachments/download/2093/glpi-0.85.5.tar.gz Version: GLPI 0.85.5 Tested on: CentOS...
GLPI 0.85.5 - RCE Through File Upload Filter Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: GLPI 0.85.5 RCE through file upload filter bypass Date: September 7th, 2015 Exploit Author: Raffaele Forte Vendor Homepage: http://www.glpi-project.org/ Software Link:...
SpagoBI 4.0 - Persistent XSS Vulnerability
Exploit for php platform in category web applications 1. Vulnerability Information CVE reference: CVE-2013-6232 CVSS v2 Base Score: 4 CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N Component/s: SpagoBI Class: Input Manipulation 2. Introduction SpagoBI [1] is an Open Source Business Intelligence suite,...
SpagoBI 4.0 Privilege Escalation
Advisory Information Title: Remote Privilege Escalation in SpagoBI Date published: 2013-02-28 Date of last update: 2013-02-28 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Information CVE reference: CVE-2013-6231 CVSS v2 Base Score: 9...
QuiXplorer directory traversal
Title: QuiXplorer directory traversal Affects: = QuiXplorer 2.3 Effect: file disclosure, web server's user read access Id: cbsa-0003 Release Date: 2004 08 14 Author: Cyrille Barthelemy [email protected] -- 1. Introduction ------------------ From QuiXplorer documentation : "QuiXplorer is a...