BuilderOrcus (Orcus.Administration-cracked.exe) / Insecure Credential Storage
Posted by malvuln on Mar 20 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/cc3670f1b3e60e00b43c86d787563a44_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
BuilderOrcus (Orcus.Administration-cracked.exe) / Insecure Permissions
Posted by malvuln on Mar 20 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/cc3670f1b3e60e00b43c86d787563a44.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
[CVE-2021-42063] SAP Knowledge Warehouse <= 7.50 "SAPIrExtHelp" Reflected XSS
Posted by Julien Ahrens (RCE Security) on Mar 20 RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SAP Knowledge Warehouse Vendor URL: https://help.sap.com/viewer/816f1f952d244bbf9dd5063e2a0e66b0/7.5.21/en-US/4dc9605e4a9d6522e10000000a15822b.html Type:...
CVE-2021-45491: Exportable Cleartext Passwords in the 3CX Phone System
Posted by Emanuel DUSS on Mar 20 ############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # ############################################################# # # Product: 3CX Phone System # Vendor:...
CVE-2021-45490: Missing Certificate Verification in 3CX Client for Windows (legacy), Android & iOS
Posted by Emanuel DUSS on Mar 20 ############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # ############################################################# # # Product: 3CX Client for Windows (legacy),...
DSA-5106 thunderbird – security update
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. Read More
FreeBSD-EN-22:13.zfs
Post Content Read More
CVE-2020-26008
The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via uploading a crafted...
CVE-2020-26007
An arbitrary file upload vulnerability in the upload payment plugin of ShopXO v1.9.0 allows attackers to execute arbitrary code via uploading a crafted PHP file....
Vulnerability Analysis
A vulnerability is a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat...