
1103 matches found

Zero Science Lab
•added 2015/05/24 12:0 a.m.•451 views

Acoustica Pianissimo 1.0 Build 12 (Registration ID) Buffer Overflow PoC

Summary Pianissimo virtual piano uses a combination of sample playback and advanced physical modeling to create a stunning acoustic grand piano sound. Starting with 250 MB of high quality samples of a Steinway™ Model D grand piano, Pianissimo uses complex signal processing and programming to...

AI score 6.5 • Exploits 0
Zero Science Lab
•added 2015/04/14 12:0 a.m.•52 views

WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit

Summary MiwoFTP is a smart, fast and lightweight file manager plugin that operates from the back-end of WordPress. Description Input passed to the 'selitems' parameter is not properly sanitised before being used to delete files. This can be exploited to delete files with the permissions of the we...

AI score 5.8 • Exploits 0
Zero Science Lab
•added 2015/04/14 12:0 a.m.•31 views

WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Creation Exploit (RCE)

Summary MiwoFTP is a smart, fast and lightweight file manager plugin that operates from the back-end of WordPress. Description MiwoFTP WP Plugin suffers from a cross-site request forgery remote code execution vulnerability. The application allows users to perform certain actions via HTTP requests...

AI score 6.4 • Exploits 0
Zero Science Lab
•added 2015/04/14 12:0 a.m.•49 views

WordPress MiwoFTP Plugin 1.0.5 Multiple CSRF XSS Vulnerabilities

Summary MiwoFTP is a smart, fast and lightweight file manager plugin that operates from the back-end of WordPress. Description MiwoFTP WP Plugin suffers from multiple cross-site request forgery and xss vulnerabilities. The application allows users to perform certain actions via HTTP requests...

AI score 6 • Exploits 0
Zero Science Lab
•added 2015/04/07 12:0 a.m.•38 views

Balero CMS v0.7.2 Multiple JS/HTML Injection Vulnerabilities

Summary Balero CMS is an open source project that can help you manage the page of your company with just a few guided steps, minimizing the costs that many companies make to have your advertising medium and/or portal. Description Input passed to the 'content' POST parameter and the cookie 'counte...

AI score 6.1 • Exploits 0
Zero Science Lab
•added 2015/04/07 12:0 a.m.•39 views

Balero CMS v0.7.2 Multiple Blind SQL Injection Vulnerabilities

Summary Balero CMS is an open source project that can help you manage the page of your company with just a few guided steps, minimizing the costs that many companies make to have your advertising medium and/or portal. Description The application suffers from multiple blind SQL injection...

AI score 6 • Exploits 0
Zero Science Lab
•added 2015/03/16 12:0 a.m.•103 views

Moodle 2.5.9/2.6.8/2.7.5/2.8.3 Block Title Handler Cross-Site Scripting

Summary Moodle is a learning platform designed to provide educators, administrators and learners with a single robust, secure and integrated system to create personalised learning environments. Description Moodle suffers from persistent XSS vulnerabilities. Input passed to the POST parameters...

CVSS 3.5 • AI score 6 • EPSS 0.03285 • Exploits 5
Zero Science Lab
•added 2015/03/16 12:0 a.m.•30 views

Spybot Search & Destroy 1.6.2 Security Center Service Privilege Escalation

Summary Spybot – Search & Destroy S&D is a spyware and adware removal computer program compatible with Microsoft Windows 95 and later. It scans the computer hard disk and/or RAM for malicious software. Description The application suffers from an unquoted search path issue impacting the service...

AI score 6.2 • Exploits 0
Zero Science Lab
•added 2015/03/14 12:0 a.m.•387 views

Foxit Reader 7.0.6.1126 Unquoted Service Path Elevation Of Privilege

Summary Foxit Reader is a small, lightning fast, and feature rich PDF viewer which allows you to create free PDF creation, open, view, sign, and print any PDF file. Description The application suffers from an unquoted search path issue impacting the service 'FoxitCloudUpdateService' for Windows...

CVSS 4.4 • AI score 7.6 • EPSS 0.03192 • Exploits 2
Zero Science Lab
•added 2015/03/10 12:0 a.m.•47 views

GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit

Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description Input passed via the 'page'...

CVSS 7.5 • AI score 6 • EPSS 0.05615 • Exploits 2
Zero Science Lab
•added 2015/03/10 12:0 a.m.•145 views

GeniXCMS v0.0.1 Persistent Script Insertion Vulnerability

Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description Input passed to the 'cat' PO...

CVSS 4.3 • AI score 6.1 • EPSS 0.05396 • Exploits 2
Zero Science Lab
•added 2015/03/10 12:0 a.m.•64 views

GeniXCMS v0.0.1 CSRF Add Admin Exploit

Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description The application allows users...

CVSS 6.8 • AI score 7.3 • EPSS 0.03935 • Exploits 2
Zero Science Lab
•added 2015/02/26 12:0 a.m.•43 views

Electronic Arts Origin Client 9.5.5 Multiple Privilege Escalation Vulnerabilities

Summary Origin formerly EA Download Manager EADM is digital distribution software from Electronic Arts that allows users to purchase games on the internet for PC and mobile platforms, and download them with the Origin client formerly EA Download Manager, EA Downloader and EA Link. Description The...

AI score 6.2 • Exploits 0
Zero Science Lab
•added 2015/02/25 12:0 a.m.•61 views

Ubisoft Uplay 5.0 Insecure File Permissions Local Privilege Escalation

Summary Uplay PC is a desktop client which replaces individual game launchers previously used for Ubisoft games. With Uplay PC, you have all your Uplay enabled games and Uplay services in the same place and you get access to a whole new set of features for your PC games. Description Uplay for PC...

AI score 5.8 • Exploits 0
Zero Science Lab
•added 2015/02/25 12:0 a.m.•42 views

Alienware Command Center 2.8.8.0 Local Privilege Escalation

Summary Alienware Command Center is a software program developed by Alienware. The most common release is 2.8.8.0, with over 98% of all installations currently using this version. During setup, the program creates a startup registration point in Windows in order to automatically start when any us...

AI score 6.1 • Exploits 0
Zero Science Lab
•added 2015/02/24 12:0 a.m.•56 views

Realtek 11n Wireless LAN Utility Privilege Escalation

Summary Realtek 11n Wireless LAN utility is deployed and used by realtek alfa cards and more in order to help diagnose and view wireless card properties. Description The application suffers from an unquoted search path issue impacting the Realtek Service 'Realtek11nSU' and 'Realtek11nCU' for...

AI score 6.2 • Exploits 0
Zero Science Lab
•added 2015/02/09 12:0 a.m.•57 views

u5CMS 3.9.3 (deletefile.php) Arbitrary File Deletion Vulnerability

Summary u5CMS is a little, handy Content Management System for medium-sized websites, conference / congress / submission administration, review processes, personalized serial mails, PayPal payments and online surveys based on PHP and MySQL and Apache. Description Input passed to the 'f' parameter...

CVSS 6.4 • AI score 5.8 • EPSS 0.07268 • Exploits 2
Zero Science Lab
•added 2015/02/09 12:0 a.m.•27 views

u5CMS 3.9.3 (thumb.php) Local File Inclusion Vulnerability

Summary u5CMS is a little, handy Content Management System for medium-sized websites, conference / congress / submission administration, review processes, personalized serial mails, PayPal payments and online surveys based on PHP and MySQL and Apache. Description u5CMS suffers from an authenticat...

AI score 5.8 • Exploits 0
Zero Science Lab
•added 2015/02/09 12:0 a.m.•53 views

u5CMS 3.9.3 Multiple Open Redirect Vulnerabilities

Summary u5CMS is a little, handy Content Management System for medium-sized websites, conference / congress / submission administration, review processes, personalized serial mails, PayPal payments and online surveys based on PHP and MySQL and Apache. Description Input passed via the 'uri' GET...

CVSS 5.8 • AI score 5.9 • EPSS 0.06243 • Exploits 2
Zero Science Lab
•added 2015/02/09 12:0 a.m.•45 views

u5CMS 3.9.3 Multiple SQL Injection Vulnerabilities

Summary u5CMS is a little, handy Content Management System for medium-sized websites, conference / congress / submission administration, review processes, personalized serial mails, PayPal payments and online surveys based on PHP and MySQL and Apache. Description Input passed via multiple...

CVSS 7.5 • AI score 6 • EPSS 0.02125 • Exploits 2
Zero Science Lab
•added 2015/02/09 12:0 a.m.•92 views

u5CMS 3.9.3 Multiple Stored And Reflected XSS Vulnerabilities

Summary u5CMS is a little, handy Content Management System for medium-sized websites, conference / congress / submission administration, review processes, personalized serial mails, PayPal payments and online surveys based on PHP and MySQL and Apache. Description u5CMS suffers from multiple store...

CVSS 4.3 • AI score 6 • EPSS 0.03284 • Exploits 2
Zero Science Lab
•added 2015/01/12 12:0 a.m.•125 views

Gecko CMS 2.3 Multiple Vulnerabilities

Summary Gecko CMS is the way to go, forget complicated, bloated and slow content management systems, Gecko CMS has been build to be intuitive, easy to use, extendable to almost anything, running on all standard web hosting PHP and one MySQL database, Apache is a plus, browser compatibility and...

AI score 5.8 • Exploits 0
Zero Science Lab
•added 2015/01/07 12:0 a.m.•17 views

Zurmo CRM 2.8.5 Multiple Reflected Cross-Site Scripting Vulnerabilities

Summary Zurmo is an Open Source Customer Relationship Management CRM application that is mobile, social, and gamified. Description Zurmo CRM suffers from multiple reflected cross-site scripting vulnerabilities. The issues are triggered when input passed via several GET parameters to several scrip...

AI score 6 • Exploits 0
Zero Science Lab
•added 2015/01/05 12:0 a.m.•76 views

AdaptCMS 3.0.3 Remote Command Execution Exploit

Summary AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only so we can easily create Plugins or additions, but so other developers can get involved. Using CakePHP we are able to achieve this with a built-in plugin system...

CVSS 6.5 • AI score 6.2 • EPSS 0.05427 • Exploits 2
Zero Science Lab
•added 2015/01/05 12:0 a.m.•69 views

AdaptCMS 3.0.3 HTTP Referer Header Field Open Redirect Vulnerability

Summary AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only so we can easily create Plugins or additions, but so other developers can get involved. Using CakePHP we are able to achieve this with a built-in plugin system...

CVSS 5.8 • AI score 5.9 • EPSS 0.04398 • Exploits 2
Zero Science Lab
•added 2015/01/05 12:0 a.m.•100 views

AdaptCMS 3.0.3 Multiple Persistent XSS Vulnerabilities

Summary AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only so we can easily create Plugins or additions, but so other developers can get involved. Using CakePHP we are able to achieve this with a built-in plugin system...

CVSS 4.3 • AI score 6 • EPSS 0.04266 • Exploits 2
Zero Science Lab
•added 2014/12/23 12:0 a.m.•57 views

BitRaider Streaming Client 1.3.3.4098 Local Privilege Escalation Vulnerability

Summary BitRaider is a video game streaming and download service. Description BitRaider contains a flaw that leads to unauthorized privileges being gained. The issue is due to the program granting improper permissions with the 'F' flag for the 'Users' group, which makes the entire 'BitRaider'...

AI score 5.8 • Exploits 0
Zero Science Lab
•added 2014/12/14 12:0 a.m.•63 views

Soitec SmartEnergy 1.4 SCADA Login SQL Injection Authentication Bypass Exploit

Summary Soitec power plants are a profitable and ecological investment at the same time. Using Concentrix technology, Soitec offers a reliable, proven, cost-effective and bankable solution for energy generation in the sunniest regions of the world. The application shows how Concentrix technology...

AI score 5.9 • Exploits 0
Zero Science Lab
•added 2014/12/08 12:0 a.m.•58 views

IceHrm <=7.1 Multiple Vulnerabilities

Summary IceHrm is Human Resource Management web software for small and medium sized organizations. The software is written in PHP. It has community free, commercial and hosted cloud solution. Description IceHrm IceHrm =7.1 Multiple Vulnerabilities Vendor: IceHRM Product web page:...

AI score 5.8 • Exploits 0
Zero Science Lab
•added 2014/12/02 12:0 a.m.•73 views

IPUX CS7522/CS2330/CS2030 IP Camera (UltraHVCamX.ocx) ActiveX Stack Buffer Overflow

Summary The device is H.264 Wired/Wireless IP Camera with 1.3 Mega-pixel sensor. With high performance H.264 video compression, the file size of video stream is extremely reduced, as to optimize the network bandwidth efficiency. It has full Pan/Tilt function and 3X digital zoom feature for a larg...

AI score 6.3 • Exploits 0
Zero Science Lab
•added 2014/12/02 12:0 a.m.•47 views

IPUX CL5452/CL5132 IP Camera (UltraSVCamX.ocx) ActiveX Stack Buffer Overflow

Summary The device is H.264 Wired/Wireless IP Camera with 1.3 Mega-pixel sensor. With high performance H.264 video compression, the file size of video stream is extremely reduced, as to optimize the network bandwidth efficiency. It has full Pan/Tilt function and 3X digital zoom feature for a larg...

AI score 6.3 • Exploits 0
Zero Science Lab
•added 2014/12/02 12:0 a.m.•69 views

IPUX Cube Type CS303C IP Camera (UltraMJCamX.ocx) ActiveX Stack Buffer Overflow

Summary The device is Day and Night Cube Network camera with CMOS sensor. With Motion JPEG video compression, the file size of video stream is extremely reduced, as to optimize the network bandwidth efficiency. It has 3X digital zoom feature for a larger space monitoring. The ICS303C comes with a...

AI score 6.2 • Exploits 0
Zero Science Lab
•added 2014/11/25 12:0 a.m.•55 views

TRENDnet SecurView Wireless Network Camera TV-IP422WN (UltraCamX.ocx) Stack BoF

Summary SecurView Wireless N Day/Night Pan/Tilt Internet Camera, a powerful dual-codec wireless network camera with the 2-way audio function that provides the high-quality image and on-the-spot audio via the Internet connection. Description The UltraCam ActiveX Control 'UltraCamX.ocx' suffers fro...

CVSS 7.5 • AI score 6.3 • EPSS 0.10054 • Exploits 2
Zero Science Lab
•added 2014/11/22 12:0 a.m.•186 views

TP-Link TL-WR740N Wireless Router MitM httpd Denial Of Service

Summary The TL-WR740N is a combined wired/wireless network connection device integrated with internet-sharing router and 4-port switch. The wireless N Router is 802.11b&g compatible based on 802.11n technology and gives you 802.11n performance up to 150Mbps at an even more affordable price...

CVSS 5 • AI score 5.7 • EPSS 0.07172 • Exploits 1
Zero Science Lab
•added 2014/11/21 12:0 a.m.•143 views

Netgear Wireless Router WNR500 Parameter Traversal Arbitrary File Access Exploit

Summary The NETGEAR compact N150 classic wireless router WNR500 improves your legacy Wireless-G network. It is a simple, secure way to share your Internet connection and allows you to easily surf the Internet, use email, and have online chats. The quick, CD-less setup can be done through a web...

AI score 5.8 • Exploits 0
Zero Science Lab
•added 2014/11/21 12:0 a.m.•34 views

Privacyware Privatefirewall 7.0 Unquoted Service Path Privilege Escalation

Summary Privatefirewall multi-layered endpoint security software protects 32 and 64 bit Windows desktops and servers from malware and unauthorized use. Personal firewall, packet inspection, URL filtering, anti-logger, process monitor, and application/system behavior modeling and anomaly detection...

AI score 6.2 • Exploits 0
Zero Science Lab
•added 2014/11/20 12:0 a.m.•27 views

Zenario CMS 7.0.2d Reflected XSS and Open Redirect Vulnerabilities

Summary Zenario is a web-based content management system for sites with one or many languages. It is simple to use, and can grow with your requirements. Description Input passed via the 'location' GET parameter in 'index.php' script is not properly verified before being used to redirect users. Th...

AI score 5.9 • Exploits 0
Zero Science Lab
•added 2014/11/18 12:0 a.m.•64 views

Snowfox CMS v1.0 CSRF Add Admin Exploit

Summary Snowfox is an open source Content Management System CMS that allows your website users to create and share content based on permission configurations. Description Snowfox CMS suffers from a cross-site request forgery vulnerabilities. The application allows users to perform certain actions...

CVSS 6.8 • AI score 5.7 • EPSS 0.02341 • Exploits 2
Zero Science Lab
•added 2014/11/18 12:0 a.m.•52 views

Snowfox CMS v1.0 (rd param) Open Redirect Vulnerability

Summary Snowfox is an open source Content Management System CMS that allows your website users to create and share content based on permission configurations. Description Input passed via the 'rd' GET parameter in 'selectlanguage.class.php' script is not properly verified before being used to...

CVSS 5.8 • AI score 5.9 • EPSS 0.0219 • Exploits 2
Zero Science Lab
•added 2014/11/12 12:0 a.m.•34 views

CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability

Summary CorelDRAW is one of the image-creating programs in a suite of graphic arts software used by professional artists, educators, students, businesses and the general public. The CorelDRAW Graphics Suite X7, which includes CorelDRAW, is sold as stand-alone software and as a cloud-based...

AI score 6.2 • Exploits 0
Zero Science Lab
•added 2014/10/25 12:0 a.m.•233 views

CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities

Summary The CBN CH6640E/CG6640E Wireless Gateway is designed for your home, home office, or small business/enterprise. It can be used in households with one or more computers capable of wireless connectivity for remote access to the wireless gateway. Description The CBN modem gateway suffers from...

AI score 5.8 • Exploits 0
Zero Science Lab
•added 2014/10/12 12:0 a.m.•162 views

Croogo 2.0.0 Multiple Stored XSS Vulnerabilities

Summary Croogo is a free, open source, content management system for PHP, released under The MIT License. It is powered by CakePHP MVC framework. Description Croogo version 2.0.0 suffers from multiple stored cross-site scripting vulnerabilities. Input passed to several POST parameters is not...

CVSS 4.3 • AI score 5.9 • EPSS 0.0425 • Exploits 2
Zero Science Lab
•added 2014/10/12 12:0 a.m.•67 views

Croogo 2.0.0 Arbitrary PHP Code Execution Exploit

Summary Croogo is a free, open source, content management system for PHP, released under The MIT License. It is powered by CakePHP MVC framework. Description Croogo suffers from an authenticated arbitrary PHP code execution. The vulnerability is caused due to the improper verification of uploaded...

AI score 6.2 • Exploits 0
Zero Science Lab
•added 2014/10/09 12:0 a.m.•21 views

Telefonica O2 Connection Manager 3.4 Local Privilege Escalation Vulnerability

Summary O2 Connection Manager will help you to manage your internet connections by getting you connected to the fastest available network. Automatically connect you to the fastest available network including your home broadband if you have a wireless router. Description O2 Connection Manager...

AI score 5.8 • Exploits 0
Zero Science Lab
•added 2014/10/09 12:0 a.m.•27 views

Telefonica O2 Connection Manager 8.7 Service Trusted Path Privilege Escalation

Summary O2 Connection Manager will help you to manage your internet connections by getting you connected to the fastest available network. Automatically connect you to the fastest available network including your home broadband if you have a wireless router. Description The O2 Connection Manager'...

AI score 6.2 • Exploits 0
Zero Science Lab
•added 2014/07/30 12:0 a.m.•23 views

SkaDate Lite 2.0 Remote Code Execution Exploit

Summary SkaDate Lite is a new platform that makes it easy to start online dating business in just a few easy steps. No programming or design knowledge is required. Install the solution, pick a template, and start driving traffic to your new online dating site. Description SkaDate Lite suffers fro...

AI score 6.2 • Exploits 0
Zero Science Lab
•added 2014/07/30 12:0 a.m.•77 views

SkaDate Lite 2.0 Multiple XSRF And Persistent XSS Vulnerabilities

Summary SkaDate Lite is a new platform that makes it easy to start online dating business in just a few easy steps. No programming or design knowledge is required. Install the solution, pick a template, and start driving traffic to your new online dating site. Description SkaDate Lite version 2.0...

CVSS 6.8 • AI score 6 • EPSS 0.02425 • Exploits 3
Zero Science Lab
•added 2014/07/28 12:0 a.m.•64 views

Oxwall 1.7.0 Remote Code Execution Exploit

Summary Oxwall is unbelievably flexible and easy to use PHP/MySQL social networking software platform. Description Oxwall suffers from an authenticated arbitrary PHP code execution. The vulnerability is caused due to the improper verification of uploaded files in '/admin/settings/user' script thr...

AI score 6.2 • Exploits 0
Zero Science Lab
•added 2014/07/28 12:0 a.m.•128 views

Oxwall 1.7.0 Multiple CSRF And HTML Injection Vulnerabilities

Summary Oxwall is unbelievably flexible and easy to use PHP/MySQL social networking software platform. Description Oxwall version 1.7.0 suffers from multiple cross-site request forgery and stored xss vulnerabilities. The application allows users to perform certain actions via HTTP requests withou...

CVSS 6.8 • AI score 6 • EPSS 0.02425 • Exploits 3
Zero Science Lab
•added 2014/07/24 12:0 a.m.•50 views

Omeka 2.2.1 Remote Code Execution Exploit

Summary Omeka is a free, flexible, and open source web-publishing platform for the display of library, museum, archives, and scholarly collections and exhibitions. Its 'five-minute setup' makes launching an online exhibition as easy as launching a blog. Description Omeka suffers from an...

AI score 6.2 • Exploits 0

Total number of security vulnerabilities: 1103