JDA Connect CSRF / Command Execution / Exposed JMX Service

Introduction ============ Multiple critical vulnerabilities were identified in JDA Connect. The vulnerabilities were discovered during a black box security assessment and therefore the vulnerability list should not be considered exhaustive. Affected Software and Versions...

CVE-2018-6389 WordPress Parameter Resource Consumption Remote DoS

Yesterday Monday, February 5, 2018, a zero-day vulnerability in WordPress core was disclosed, which allows an attacker to perform a denial of service DoS attack against a vulnerable application. The vulnerability exists in the modules used to load JS and CSS files. These modules were designed to...

FLIR Systems FLIR Thermal Camera FC-S/PT Authenticated OS Command Injection

Summary Get the best image detail in challenging imaging environments with the FLIR FC-Series S thermal network camera. The award-winning FC-Series S camera sets the industry standard for high-quality thermal security cameras, ideal for perimeter protection applications. The FC-Series S is capabl...

OV3 Online Administration 3.0 - Remote Code Execution

OV3 Online Administration 3.0 - Remote Code Execution !-- OV3 Online Administration 3.0 Authenticated Code Execution Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform for your data...