7 matches found
WordPress WP Fastest Cache plugin <= 0.8.9.5 - Directory Traversal vulnerability
Directory Traversal vulnerability found by Imre Rad in WordPress WP Fastest Cache plugin versions = 0.8.9.5. Solution Update the WordPress WP Fastest Cache plugin to the latest available version at least 0.8.9.6...
Lenovo VIBE, Moto, and ZUK Mobile Phone Remote Code Execution Vulnerability - Lenovo Support US
No description provided...
Ubuntu 14.04 LTS / 16.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-3455-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3455-1 advisory. Mathy Vanhoef discovered that wpasupplicant and hostapd incorrectly handled WPA2. A remote attacker could use this issue with key...
Monsta Box WebFTP Arbitrary File Read
Application ----------- "MONSTA Box is a lightweight open-source file manager you can install on your website or server to easily manage your files through any browser." Description from the official website http://www.monstahq.com/ Vulnerability ------------- The Monsta Box WebFTP application...
PHP File Manager 0.9.8 Authentication Bypass / Code Execution
PHP File Manager 0.9.8 http://phpfm.sourceforge.net/ is vulnerable to authentication bypass due to insecure implementation of register globals emulation. An attacker is able to override the blockKeys array and thus build a valid session and access all the protected functionality including executi...
CVE-2014-7954 MTP path traversal vulnerability in Android
MTP path traversal vulnerability in Android 4.4 ----------------------------------------------- doSendObjectInfo method of the MtpServer class implemented in frameworks/av/media/mtp/MtpServer.cpp does not validate the name parameter of the incoming MTP packet at all. It is possible to upload file...
Vulnerability in OpenSSL - DTLS recursion flaw
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack. Only applications using OpenSSL as a DTLS client are affected. Found by Imre Rad Search-Lab Ltd...