Author: Cyberthreat Blog

There is CSRF in the WHIZZ plugin before 1.1.1 for WordPress, allowing attackers to delete any WordPress users and change the plugin’s status via a GET request.

A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming...

DLink DVGN5402SP with firmware W1000CN00, W1000CN03, or W2000EN00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access.

DLink DVGN5402SP with firmware W1000CN00, W1000CN03, or W2000EN00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote...

SQL injection vulnerability in “yeager/y.php/tab_USERLIST” in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the “pagedir_orderby” parameter.