85 matches found
CVE-2020-11882
The O2 Business application 1.2.0 for Android exposes the canvasm.myo2.SplashActivity activity to other applications. The purpose of this activity is to handle deeplinks that can be delivered either via links or by directly calling the activity. However, the deeplink format is not properly...
File Upload Vulnerability in the Backend of UWA Universal Building System
UWA is a general-purpose website builder based on PHP and MySQL. UWA general-purpose site-building system background file upload vulnerability , the vulnerability is due to the UWA background allows customized php template files , and in the saving of the content of the PHP file does not do the...
CVE-2018-17660
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
NVIDIA Driver - UVMLiteController ioctl Handling Unchecked InputOutput Lengths Privilege Escalation
NVIDIA Driver - UVMLiteController ioctl Handling Unchecked InputOutput Lengths Privilege Escalation / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=880 The \.\UVMLiteController device is created by the nvlddmkm.sys driver, and can be opened by any user. The driver handles...
SN News 1.2 - '/admin/loger.php' Authentication Bypass
SN News Date: 06/06/2012 Version: 1.2 Software Link: http://phpbrasil.com/script/JHnpFRmSBqlf/sn-news ISRAEL Author will be not responsible for any damage. Vulnerable Code - /admin/logar.php 4-15: 4.$login = $POST"login"; 5.$senha = $POST"senha"; 6.$sql = "select from newsadm where login='$login'...