Covid-19 Contact Tracing System 1.0 SQL Injection

============================================================================================================================================= | Title : Covid-19 Contact Tracing System 1.0 auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefo...

Infinity Market Classified Ads Script 1.6.2 Cross Site Scripting

==================================================================================================================================== | Title : Infinity Market Classified Ads Script 1.6.2 xss via file uploads Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor...

ArabInfotech CMS 2.0.1 Cross Site Scripting

==================================================================================================================================== | Title : ArabInfotech CMS v 2.0.1 L.L.C Xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor : http://www.editpubdz.com/ |...

Wizcyb Interactive 2.0 SQL Injection

==================================================================================================================================== | Title : wizcyb interactive v2.0 auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

SUSE CVE-2012-3507

Cross-site scripting XSS vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML via the email message subject...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC suffers from a security vulnerability that originates from a global buffer overflow in the JPEGDecodeMCU module of the /src/jpeg.inl file...

PNGDec 资源管理错误漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec that stems from a floating point exception in SaveBMP in the /linux/main.cpp file...

PNGDec 安全漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec, which stems from a memory allocation issue in asanmalloclinux.cpp...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC suffers from a security vulnerability that originates from a global buffer overflow in the ucDitherBuffer module of the /src/jpeg.inl file...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC has a security vulnerability that stems from a floating point exception in the DecodeJPEG module of the /src/jpeg.inl file...

PNGDec 缓冲区错误漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec, which stems from a stack overflow issue in /linux/main.cpp...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. A security vulnerability exists in JPEGDEC that stems from a segmentation error in the fseek module of the /src/jpeg.inl file...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC has a security vulnerability that stems from a floating point exception in the TIFFSHORT module of the /src/jpeg.inl file...

CVE-2018-9206

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload = v9.22.0...

kernel security and bug fix update

2.6.32-754.2.1.OL6 - Update genkey bug 25599697 2.6.32-754.2.1 - x86 entry/64: Don't use IST entry for BP stack Waiman Long 1596113 CVE-2018-10872 - fs gfs2: Flush delayed work earlier in gfs2inodelookup Andreas Grunbacher 1506281 - mm mempolicy: fix use after free when calling getmempolicy Augus...

CVE-2015-1416

Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file...

CVE-2015-1416

The CVE-2015-1416 issue affects the patch utilities used on FreeBSD and related systems. Specifically, the patch tool (patch(1)) in FreeBSD versions 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; as well as Bitrig, and GNU patch before 2.2.5, may execute...

Open Upload 3.6.28 Cross site Scripting

======================================================================== | Title : Openupload 3.6.28 Xss vulnerability | Author : indoushka | email : [email protected] | Tested on : windows 10 FranASSais V.Pro | Version : 3.6.28 | Vendor : http://wmscripti.com/ | Dork : open upload - login...

WordPress Gallery Transformation plugin 1.0 - Blind SQL Injection vulnerability

Blind SQL Injection vulnerability found by Larry W. Cashdollar in WordPress Gallery Transformation plugin 1.0 version. SQL injection vulnerability lies in ./wordpress-gallery-transformation/gallery.php file, $jpic parameter passed into an SQL query unsanitized. Solution The plugin already removed...

Oracle Linux 6 : kernel (ELSA-2017-1486)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-1486 advisory. 2.6.32-696.3.2.OL6 - Update genkey bug 25599697 2.6.32-696.3.2 - mm enlarge stack guard gap Larry Woodman 1452729 1452730 CVE-2017-1000364 CVE-2017-1000366...