
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.

DedeCMS through 5.6 allows arbitrary file upload and PHP code execution by embedding the PHP code in a .jpg file, which is used in the templet parameter to member/article_edit.php.

IBM DataPower Gateways 7.1, 7.2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. IBM X-Force ID: 136817.

DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php.

DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php.

Maccms 8.x allows remote command execution via the wd parameter in an index.php?m=vod-search request.

CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions.

CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies.

Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard.

The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.



© SecPod Technologies