Author: Cyberthreat Blog

MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism.

In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037.

public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges.

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may...

F5 SSL Intercept iApp version 1.5.0 – 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote...