MS Internet Information Services XSS / HTML Injection vulnerability

2017-03-16 Thread David FM
Cross Site Scripting / HTML injection vulnerability in Microsoft Internet Information Services web server. Versions Affected: MS Internet Information services (All platforms and versions). CVE Reference:

CVE-2017-6805 MobaXterm Personal Edition v9.4 Path Traversal Remote File Disclosure

2017-03-16 Thread hyp3rlinx
[+] Credits: John Page AKA hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MOBAXTERM-TFTP-PATH-TRAVERSAL-REMOTE-FILE-ACCESS.txt [+] ISR: ApparitionSec Vendor: mobaxterm.mobatek.net Product:

SEC Consult SA-20170316-0 :: Authenticated command injection in multiple Ubiquiti Networks products

2017-03-16 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory < 20170316-0 > title: Authenticated Command Injection product: Multiple Ubiquiti Networks products, e.g. TS-16-CARRIER, TS

CVE-2017-6911: USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability

2017-03-16 Thread wsachin092
Vulnerability Title: USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability Affected Product: USB Pratirodh Product Homepage: https://cdac.in/index.aspx?id=cs_eps_usb_pra CVE-ID : CVE-2017-6911 Severity: Medium Description: USB Pratirodh is prone to sensitive information