Author: Cyberthreat Blog

Untrusted search path vulnerability in ZTE Datacard MF19 0V1.0.0B04 allows local users to gain privilege by modifying the ‘Ucell Internet’ directory to reference a malicious mms_dll_r.dll or mediaplayerdll.dll.

libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference).

Directory traversal vulnerability in ppmd 10.1-5.

Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20.

Cross-site scripting (XSS) vulnerability in GE Multilink ML810/3000/3100 series switch 5.2.0 and earlier, and GE Multilink ML800/1200/1600/2400 4.2.1 and earlier.