Covid-19 Contact Tracing System 1.0 SQL Injection

============================================================================================================================================= | Title : Covid-19 Contact Tracing System 1.0 auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefo...

Infinity Market Classified Ads Script 1.6.2 Cross Site Scripting

==================================================================================================================================== | Title : Infinity Market Classified Ads Script 1.6.2 xss via file uploads Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor...

ArabInfotech CMS 2.0.1 Cross Site Scripting

==================================================================================================================================== | Title : ArabInfotech CMS v 2.0.1 L.L.C Xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor : http://www.editpubdz.com/ |...

Wizcyb Interactive 2.0 SQL Injection

==================================================================================================================================== | Title : wizcyb interactive v2.0 auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

SUSE CVE-2012-3507

Cross-site scripting XSS vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML via the email message subject...

PNGDec 安全漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec, which stems from a memory allocation issue in asanmalloclinux.cpp...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC suffers from a security vulnerability that originates from a global buffer overflow in the JPEGDecodeMCU module of the /src/jpeg.inl file...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC has a security vulnerability that stems from a floating point exception in the DecodeJPEG module of the /src/jpeg.inl file...

PNGDec 资源管理错误漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec that stems from a floating point exception in SaveBMP in the /linux/main.cpp file...

PNGDec 缓冲区错误漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec, which stems from a stack overflow issue in /linux/main.cpp...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. A security vulnerability exists in JPEGDEC that stems from a segmentation error in the fseek module of the /src/jpeg.inl file...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC suffers from a security vulnerability that originates from a global buffer overflow in the ucDitherBuffer module of the /src/jpeg.inl file...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC has a security vulnerability that stems from a floating point exception in the TIFFSHORT module of the /src/jpeg.inl file...

CVE-2018-9206

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload = v9.22.0...

kernel security and bug fix update

2.6.32-754.2.1.OL6 - Update genkey bug 25599697 2.6.32-754.2.1 - x86 entry/64: Don't use IST entry for BP stack Waiman Long 1596113 CVE-2018-10872 - fs gfs2: Flush delayed work earlier in gfs2inodelookup Andreas Grunbacher 1506281 - mm mempolicy: fix use after free when calling getmempolicy Augus...

CVE-2015-1416

Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file...

CVE-2015-1416

The CVE-2015-1416 issue affects the patch utilities used on FreeBSD and related systems. Specifically, the patch tool (patch(1)) in FreeBSD versions 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; as well as Bitrig, and GNU patch before 2.2.5, may execute...

Open Upload 3.6.28 Cross site Scripting

======================================================================== | Title : Openupload 3.6.28 Xss vulnerability | Author : indoushka | email : [email protected] | Tested on : windows 10 FranASSais V.Pro | Version : 3.6.28 | Vendor : http://wmscripti.com/ | Dork : open upload - login...

WordPress Gallery Transformation plugin 1.0 - Blind SQL Injection vulnerability

Blind SQL Injection vulnerability found by Larry W. Cashdollar in WordPress Gallery Transformation plugin 1.0 version. SQL injection vulnerability lies in ./wordpress-gallery-transformation/gallery.php file, $jpic parameter passed into an SQL query unsanitized. Solution The plugin already removed...

Oracle Linux 6 : kernel (ELSA-2017-1486)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-1486 advisory. 2.6.32-696.3.2.OL6 - Update genkey bug 25599697 2.6.32-696.3.2 - mm enlarge stack guard gap Larry Woodman 1452729 1452730 CVE-2017-1000364 CVE-2017-1000366...