Category Archives: Advisories

Multiple Vulnerabilities in Mozilla Firefox and Firefox ESR Could Allow for Arbitrary Code Execution

Read Time:38 Second

Multiple vulnerabilities have been discovered in Mozilla Firefox and Firefox ESR, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

Backdoor.Win32.Redkod.d / Weak Hardcoded Credentials

Read Time:19 Second

Posted by malvuln on Oct 20

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/bb309bdd071d5733efefe940a89fcbe8.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Redkod.d
Vulnerability: Weak Hardcoded Credentials
Description: The malware listens on TCP port 4820. Authentication is
required, however the password “redkod” is weak and hardcoded in cleartext
within the PE…

Read More

RRX IOB LP v1.0 – DNS Cache Snooping Vulnerability

Read Time:20 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
RRX IOB LP v1.0 – DNS Cache Snooping Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2261

Article:https://www.vulnerability-db.com/?q=articles/2022/10/11/rhein-ruhr-express-rrx-dns-cache-snooping-vulnerability-wifi-hotspot

Release Date:
=============
2022-10-11

Vulnerability Laboratory ID (VL-ID):
====================================
2261

Common…

Read More

MapTool v1.11.5 – Cross Site Scripting Vulnerabilities

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
MapTool v1.11.5 – Cross Site Scripting Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2319

Release Date:
=============
2022-10-11

Vulnerability Laboratory ID (VL-ID):
====================================
2319

Common Vulnerability Scoring System:
====================================
5.6

Vulnerability Class:
====================
Cross Site Scripting…

Read More

MapTool v1.11.5 – Denial of Service Vulnerability

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
MapTool v1.11.5 – Denial of Service Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2318

Release Date:
=============
2022-10-10

Vulnerability Laboratory ID (VL-ID):
====================================
2318

Common Vulnerability Scoring System:
====================================
5.7

Vulnerability Class:
====================
Denial of Service…

Read More

WiFi File Transfer v1.0.8 – Cross Site Scripting Vulnerabilities

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
WiFi File Transfer v1.0.8 – Cross Site Scripting Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2322

Release Date:
=============
2022-10-17

Vulnerability Laboratory ID (VL-ID):
====================================
2322

Common Vulnerability Scoring System:
====================================
5.6

Vulnerability Class:
====================
Cross Site…

Read More

Webile v1.0.1 – Directory Traversal Web Vulnerability

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Webile v1.0.1 – Directory Traversal Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2320

Release Date:
=============
2022-10-10

Vulnerability Laboratory ID (VL-ID):
====================================
2320

Common Vulnerability Scoring System:
====================================
7.3

Vulnerability Class:
====================
Directory- or…

Read More

Stripe Green Downloads 2.03 – Cross Site Scripting Web Vulnerability

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Stripe Green Downloads 2.03 – Cross Site Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2287

Release Date:
=============
2022-10-17

Vulnerability Laboratory ID (VL-ID):
====================================
2287

Common Vulnerability Scoring System:
====================================
5.2

Vulnerability Class:
====================
Cross Site…

Read More

Vicidial v2.14-783a – Multiple XSS Web Vulnerabilities

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Vicidial v2.14-783a – Multiple XSS Web Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2311

Release Date:
=============
2022-10-11

Vulnerability Laboratory ID (VL-ID):
====================================
2311

Common Vulnerability Scoring System:
====================================
5.2

Vulnerability Class:
====================
Cross Site Scripting…

Read More