ABB Cylon Aspect 3.08.02 (aspectMemory.php) Arbitrary Heap Memory Configuration

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description An authenticated access vulnerability in the aspectMemory.php script ...

SOYAL Biometric Access Control System 5.0 Weak Default Credentials

Summary Soyal Access systems are built into Raytel Door Entry Systems and are providing access and lift control to many buildings from public and private apartment blocks to prestigious public buildings. Description The web control panel uses weak set of default administrative credentials no...

HTMLy 2.7.4 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Multiple Cross-Site Scripting Vulnerabilities in HTMLy 2.7.4 Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerabilities in HTMLy 2.7.4 Affected Software: HTMLy Affected Versions: 2.7.4 Homepage:...

Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 Insecure File Permissions

Summary em4 is more than just a nano-PLC. It is a leading edge device supported by best-in-class tools that enables you to create and implement the smartest automation applications. Millenium 3 M3 is easy to program and to implement, it enables the control and monitoring of machines and automatio...

Redaxo CMS 5.0.0 Cross Site Scripting / SQL Injection

=== LSE Leading Security Experts GmbH - Security Advisory 2016-01-18 === Redaxo CMS contains multiple vulnerabilities ------------------------------------------------------------- Problem Overview ================ Technical Risk: high Likelihood of Exploitation: medium Vendor:...

Manage Engine Applications Manager 12 - Multiple Vulnerabilities

Exploit for multiple platform in category web applications Manage Engine Applications Manager 12 Multiple Vulnerabilities Vendor Product Description - ManageEngine Applications Manager is an application performance monitoring solution that proactively monitors business applications and help...

DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584

Information -------------------- Advisory by Netsparker. Name: XSS Vulnerability in DataTables Affected Software : DataTables Affected Versions : 1.10.8 and possibly below Vendor Homepage : https://github.com/DataTables/DataTables Vulnerability Type : Cross-site Scripting Severity : Important...

Yahoo! Messenger 11.5.0.228 Buffer Overflow

ADVISORY INFORMATION-----------------------Product: Yahoo! MessengerVendor URL: www.yahoo.comType: Stack-based Buffer Overflow CWE-121Date found: 2014-05-02Date published: 2015-09-03CVSSv3 Score: 4,8 AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:LCVE: CVE-2014-7216 VERSIONS AFFECTED--------------------Yahoo!...

WordPress Plugin SEO by Yoast 1.7.3.3 - Blind SQL Injection

WordPress Plugin SEO by Yoast 1.7.3.3 - Blind SQL Injection Title: WordPress SEO by Yoast = 1.7.3.3 - Blind SQL Injection Version/s Tested: 1.7.3.3 Patched Version: 1.7.4 CVSSv2 Base Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C CVSSv2 Temporal Score: 7...

Absolut Engine 1.73 - Multiple Vulnerabilities

CMS Absolute Engine version 1.73 suffers from cross site scripting and remote SQL injection vulnerabilities. Advisory: Multiple SQL Injections and Reflecting XSS in Absolut Engine v.1.73 CMS Author: Steffen Rösemann Affected Software: CMS Absolut Engine v. 1.73 Vendor URL:...

Aprox CMS Engine 5 (1.0.4) - Local File Inclusion Vulnerability

No description provided by source. 01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: APROX CMS ENGINE V5.1.0.4 LOCAL FILE INCLUSION LFI || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03: EXPLOITATION |...

ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability

No description provided by source. ?php / ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability Vendor: ViArt Software Product web page: http://www.viart.com Affected version: 4.1, 4.0.8, 4.0.5 Summary: Viart Shop is a PHP based e-commerce suite, aiming to provide everything you nee...

[SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stored Cross Site Scripting in Ektron CMS 8.7 CVE reference: CVE-2014-2729 Affected platforms: Ektron Web Content Management System Version: 8.7.0 Date: 2013-December-19 Security risk: Medium CVSS - AV:N/AC:L/Au:S/C:P/I:P/A:N Researcher: Joseph Zeng...

ViArt Shop Enterprise 4.1 Arbitrary Command Executio

?php / ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability Vendor: ViArt Software Product web page: http://www.viart.com Affected version: 4.1, 4.0.8, 4.0.5 Summary: Viart Shop is a PHP based e-commerce suite, aiming to provide everything you need to run a successful on-line...

BeVivid WMS Blind SQL Injection

========================================================================= BeVivid WMS - Website Management System links.php?id= Blind-SQL-i Vulnerability ==========================================================================...

Mevlana Content Management System SQL-i Vulnerability

Exploit for php platform in category web applications +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= +=+=+= +=+=+= +=+=+= /\ | | | | +=+=+= +=+=+= / \ | || | / / | \ | |\ \ / \ / / +=+=+= +=+=+= / /\ | || | // | | | | / | | \ / / / +=+=+= +=+=+= / \ | | | | | | ...

Local privilege escalation vulnerability in Protector Plus Antivirus (Proland Software)

ShineShadow Security Report 15092009-09 TITLE Local privilege escalation vulnerability in Protector Plus antivirus software BACKGROUND Protector Plus range of antivirus products are known the world over for their efficiency and reliability. Protector Plus Antivirus Software is available for Windo...

Attachmax Dolphin 2.1.0 - Multiple Vulnerabilities

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV101$2008 ----------------------------------------------------------------------------------------- ECHOADV101$2008 Attachmax Dolphin = 2.1.0 Multiple Vulnerability...

Aprox CMS Engine 5.1.0.4 - Local File Inclusion

Aprox CMS Engine 5.1.0.4 - Local File Inclusion 01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: APROX CMS ENGINE V5.1.0.4 LOCAL FILE INCLUSION LFI || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03:...

Pre News Manager <= 1.0 (index.php id) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== Pre News Manager = 1.0 index.php id SQL Injection Vulnerability ================================================================== \ /\ \ / | \ \ | / \ // / | \ | \ \ Y...