This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
Read MoreSQL Injection exists in tianchoy/blog through 2017-09-12 via the id parameter to view.php.
Read MoreXXE in Dive Assistant – Template Builder in Blackwave Dive Assistant – Desktop Edition 8.0 allows attackers to remotely view local files via a crafted template.xml file.
Read Moreupload.php in tianchoy/blog through 2017-09-12 allows unrestricted file upload and PHP code execution by using the image/jpeg, image/pjpeg, image/png, or image/gif content type for a .php file.
Read MoreNexusPHP 1.5.beta5.20120707 has XSS in the returnto parameter to fun.php in a delete action.
Read More