5048 matches found
CVE-2021-27930
Multiple stored XSS vulnerabilities in IrisNext Edition 9.5.16, which allow an authenticated or compromised user to inject malicious JavaScript in folder/file name within the application in order to grab other users’ sessions or execute malicious code in their browsers 1-click RCE...
IrisNext Cross-Site Scripting Vulnerability
IRIS IrisNext is a document management solution from IRIS Luxembourg designed to manage, protect and use your company's information. A security vulnerability exists in IrisNext that allows an authenticated or threatened user to inject malicious JavaScript into the application's folder filenames t...
CVE-2021-35959
In Plone 5.0 through 5.2.4, Editors are vulnerable to XSS in the folder contents view, if a Contributor has created a folder with a SCRIPT tag in the description field...
Design/Logic Flaw
In Plone 5.0 through 5.2.4, Editors are vulnerable to XSS in the folder contents view, if a Contributor has created a folder with a SCRIPT tag in the description field...
PYSEC-2021-110
In Plone 5.0 through 5.2.4, Editors are vulnerable to XSS in the folder contents view, if a Contributor has created a folder with a SCRIPT tag in the description field...
PS3 Players Ban: Victims of Surging Gaming Attacks
A reported breach of a Sony folder containing the serial ID numbers for every PlayStation 3 console appears to have led to users being inexplicably banned from the platform. This is just the latest in a shocking spike in attacks on unsuspecting gamers. Sony reportedly left a folder with every PS3...
Seeddms 5.1.10 Remote Command Execution
Exploit Title: Seeddms 5.1.10 - Remote Command Execution RCE Authenticated Date: 25/06/2021 Exploit Author: Bryan Leong Vendor Homepage: https://www.seeddms.org/index.php?id=2 Software Link: https://sourceforge.net/projects/seeddms/files/seeddms-5.0.11/ Version: Seeddms 5.1.10 Tested on: Windows ...
Langfang Extreme Networks Technology Co. Extreme CMS has a logic flaw vulnerability
Extreme CMS (hereinafter referred to as JIZHICMS) is a free and open-source PHP website-building CMS. JIZHICMS has a logic flaw vulnerability that can be exploited by an attacker to cause the conf folder to be deleted, resulting in a denial of service...
CVE-2021-35448
Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections...
Remote Mouse Processing Logic Error Vulnerability
Remote Mouse is an application. A processing logic error vulnerability exists in Emote Interactive Remote Mouse, which originates when the application does not validate certain security operations when a user navigates to the cmd.exe file while using the Image Transfer Folder...
Remote Mouse GUI 3.008 Privilege Escalation
Exploit Title: Remote Mouse GUI 3.008 - Local Privilege Escalation Exploit Author: Salman Asad @deathflash1411 Date: 17.06.2021 Version: Remote Mouse 3.008 Tested on: Windows 10 Pro Version 21H1 Reference: https://deathflash.ml/blog/remote-mouse-lpe Steps to reproduce: 1. Open...
Remote Mouse GUI 3.008 - Local Privilege Escalation
Exploit Title: Remote Mouse GUI 3.008 - Local Privilege Escalation Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 17.06.2021 Version: Remote Mouse 3.008 Tested on: Windows 10 Pro Version 21H1 Reference: https://deathflash1411.github.io/blog/cve-2021-35448 CVE: CVE-2021-35448...
SUSE-SU-2021:2003-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 78.11 (bsc#1186696) Security issues fixed: - CVE-2021-29964: Out of bounds-read when parsing a WM_COPYDATA message - CVE-2021-29967: Memory safety bugs fixed in Thunderbird 78.11 General improvements: - OpenPGP could n...
The vulnerability of the Security Agent component in Trend Micro’s antivirus software solutions—Worry-Free Business Security, Apex One, and OfficeScan—allows attackers to increase their privileges.
The vulnerability of the Security Agent component in Trend Micro’s antivirus software products, namely Worry-Free Business Security, Apex One, and OfficeScan, is related to deficiencies in access control for the “Misc” folder. Exploiting this vulnerability can allow attackers to increase their...
CVE-2021-25391
Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action...