CatBot v0.4.2 (PHP) - SQL Injection Vulnerability

2015-01-16 Thread Vulnerability Lab
is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect

VeryPhoto v3.0 iOS - Command Injection Vulnerability

2015-01-16 Thread Vulnerability Lab
Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability

2015-01-16 Thread Vulnerability Lab

File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities

2015-01-16 Thread Vulnerability Lab

Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability

2015-01-16 Thread Vulnerability Lab

PhotoSync 1.1.3 Android - Command Inject Vulnerability

2015-01-22 Thread Vulnerability Lab
vulnerability in the photosync application is estimated as medium. (CVSS 5.2) Credits Authors: Hadji Samir s...@hotmail.fr

Program-O v2.4.6 - Multiple Web Vulnerabilities

2015-01-22 Thread Vulnerability Lab

BlinkSale Bug Bounty #1 - Encode Validation Vulnerability

2015-02-11 Thread Vulnerability Lab

Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability

2015-02-11 Thread Vulnerability Lab

T-Mobile Internet Manager - DLL Hijacking (mfc71enu.dll)

2015-02-11 Thread Vulnerability Lab
vulnerability in the mfc71enu.dll is estimated as medium. (CVSS 5.6) Credits Authors: metacom

Facebook Bug Bounty #23 - Session ID CSRF Vulnerability

2015-02-11 Thread Vulnerability Lab
Balhis (https://www.facebook.com/joe.balhis)

Ebay Inc Magento Bug Bounty #5 - Persistent Validation Mail Encoding Web Vulnerability

2015-02-17 Thread Vulnerability Lab

ZTE Datacard MF19 0V1.0.0B PCW - Multiple Vulnerabilities

2015-01-06 Thread Vulnerability Lab
are estimated as high. (CVSS 6.0) Credits Authors: Hadji Samir s...@hotmail.fr

Blitz CMS Community - SQL Injection Web Vulnerability

2015-01-12 Thread Vulnerability Lab
in the community post file is estimated as critical. (CVSS 8.3) Credits Authors: IranGuard Security Team - P0!s0nC0d3

Heroku API Bug Bounty #1 - Persistent Invitation Vulnerability

2015-01-12 Thread Vulnerability Lab

Heroku API Deep Dive Bug Bounty #3 - Persistent UI Vulnerability

2015-01-12 Thread Vulnerability Lab

Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities

2015-01-13 Thread Vulnerability Lab
(b...@evolution-sec.com) [www.vulnerability-lab.com]

Sitefinity Enterprise v7.2.53 - Persistent Vulnerability

2015-01-13 Thread Vulnerability Lab

Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities

2015-02-26 Thread Vulnerability Lab
and delete function is estimated as medium. (CVSS 2.3) Credits Authors: Hadji Samir [s...@hotmail.fr]

Data Source: Scopus CMS - SQL Injection Web Vulnerability

2015-02-26 Thread Vulnerability Lab
- (http://www.guardiran.org)

DSS TFTP 1.0 Server - Path Traversal Vulnerability

2015-02-26 Thread Vulnerability Lab

Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability

2015-04-21 Thread Vulnerability Lab
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

PayPal Inc Bug Bounty #113 - Client Side Cross Site Scripting Vulnerability

2015-04-21 Thread Vulnerability Lab

SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities

2015-04-21 Thread Vulnerability Lab

Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability

2015-04-21 Thread Vulnerability Lab
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

Mobile Drive HD v1.8 - File Include Web Vulnerability

2015-04-21 Thread Vulnerability Lab

Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability

2015-04-21 Thread Vulnerability Lab

Photo Manager Pro v4.4.0 iOS - File Include Vulnerability

2015-04-21 Thread Vulnerability Lab
...@evolution-sec.com) [www.vulnerability-lab.com]

Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability

2015-04-21 Thread Vulnerability Lab
Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability

2015-04-21 Thread Vulnerability Lab
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

Socrata Bug Bounty #1 - Persistent Encoding Vulnerability

2015-04-23 Thread Vulnerability Lab

Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability

2015-04-22 Thread Vulnerability Lab

iPassword Manager v2.6 iOS - Persistent Vulnerabilities

2015-04-22 Thread Vulnerability Lab

SonicWall SonicOS 7.5.0.12 6.x - Client Side Cross Site Scripting Vulnerability

2015-04-28 Thread Vulnerability Lab

PayPal Inc Bug Bounty #114 - JDWP Remote Code Execution Vulnerability

2015-04-28 Thread Vulnerability Lab

SevDesk v1.1 iOS - Persistent Dashboard Vulnerability

2015-04-30 Thread Vulnerability Lab
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

PhotoWebsite v3.1 iOS - File Include Web Vulnerability

2015-05-04 Thread Vulnerability Lab
Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

Grindr 2.1.1 iOS Bug Bounty #2 - Denial of Service Software Vulnerability

2015-05-04 Thread Vulnerability Lab

Grindr v2.1.1 iOS - (eMail) Session Vulnerability

2015-05-04 Thread Vulnerability Lab

Grindr v2.1.1 iOS Bounty #1 - (Session) Auth Bypass Vulnerabilities

2015-05-04 Thread Vulnerability Lab
] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

HUAWEI MobiConnect 23.9.17.216 - Privilege Escalation Vulnerability

2015-05-04 Thread Vulnerability Lab

vPhoto-Album v4.2 iOS - File Include Web Vulnerability

2015-05-05 Thread Vulnerability Lab
] - Katharin S. L. (CH) (resea...@vulnerability-lab.com) [www.vulnerability-lab.com]

Fortinet FortiAnalyzer FortiManager - Client Side Cross Site Scripting Vulnerability

2015-05-05 Thread Vulnerability Lab

PDF Converter Editor 2.1 iOS - File Include Vulnerability

2015-05-06 Thread Vulnerability Lab

TORNADO Computer Trading CMS - SQL Injection Vulnerability

2015-05-06 Thread Vulnerability Lab

Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities

2015-05-08 Thread Vulnerability Lab
Authors: Alain Homewood - PwC New Zealand (http://www.pwc.co.nz/services/assurance-services/pwc-security/)

Album Streamer v2.0 iOS - Directory Traversal Vulnerability

2015-05-07 Thread Vulnerability Lab

Yahoo eMarketing Bug Bounty #31 - Cross Site Scripting Vulnerability

2015-05-07 Thread Vulnerability Lab

Grindr v2.1.1 iOS Account System - Breach Attack Vulnerability

2015-05-07 Thread Vulnerability Lab

Web India Solutions CMS 2015 - SQL Injection Vulnerability

2015-05-13 Thread Vulnerability Lab

CRUCMS Crucial Networking - SQL Injection Vulnerability

2015-05-19 Thread Vulnerability Lab

Wireless Photo Transfer v3.0 iOS - File Include Vulnerability

2015-05-19 Thread Vulnerability Lab

iClassSchedule 1.6 iOS Android - Persistent UI Vulnerability

2015-05-19 Thread Vulnerability Lab
. L. (CH) (resea...@vulnerability-lab.com) [www.vulnerability-lab.com]

OYO File Manager 1.1 iOSAndroid - Multiple Vulnerabilities

2015-05-19 Thread Vulnerability Lab
[Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability

2015-05-20 Thread Vulnerability Lab
software is estimated as high. (CVSS 6.0) Credits Authors: metacom

HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability

2015-05-20 Thread Vulnerability Lab

Staff FTP v3.04 Software - DLL Hijacking Vulnerability

2015-05-20 Thread Vulnerability Lab

Eisbär SCADA (All Versions - iOS, Android W8) - Persistent UI Vulnerability

2015-05-20 Thread Vulnerability Lab
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

1 Click Extract Audio v2.3.6 - Activex Buffer Overflow

2015-06-05 Thread Vulnerability Lab
) - [http://www.vulnerability-lab.com/show.php?user=metacom]

1 Click Audio Converter v2.3.6 - Activex Buffer Overflow

2015-06-05 Thread Vulnerability Lab
Authors: metacom (PwC New Zealand) - [http://www.vulnerability-lab.com/show.php?user=metacom]

1 Click Audio Converter v2.3.6 - Activex Buffer Overflow

2015-06-05 Thread Vulnerability Lab
(PwC New Zealand) - [http://www.vulnerability-lab.com/show.php?user=metacom]

Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability

2015-06-10 Thread Vulnerability Lab

ManageEngine Asset Explorer v6.1 - Persistent Vulnerability

2015-06-23 Thread Vulnerability Lab

Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability

2015-06-19 Thread Vulnerability Lab
Vulnerability Laboratory [Research Team] - Hadji Samir [s...@hotmail.fr]

ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability

2015-06-19 Thread Vulnerability Lab
...@hotmail.fr]

Ebay Magento Bug Bounty #17 - Client Side Cross Site Scripting Web Vulnerability

2015-06-19 Thread Vulnerability Lab
] - Hadji Samir [s...@hotmail.fr]

ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities

2015-06-19 Thread Vulnerability Lab

WebDrive 12.2 (B4172) - Buffer Overflow Vulnerability

2015-06-02 Thread Vulnerability Lab
metacom

Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability

2015-07-01 Thread Vulnerability Lab

Pinterest Bug Bounty #1 - Persistent contact_name Vulnerability

2015-07-01 Thread Vulnerability Lab

WK UDID v1.0.1 iOS - Command Inject Vulnerability

2015-07-06 Thread Vulnerability Lab

Google HTTP Live Headers v1.0.6 - Client Side Cross Site Scripting Web Vulnerability

2015-07-06 Thread Vulnerability Lab

Ebay Inc Magento Bug Bounty #16 - CSRF Web Vulnerability

2015-07-06 Thread Vulnerability Lab
[Research Team] - Hadji Samir [s...@hotmail.fr]

UBNT Bug Bounty #3 - Persistent Filename Vulnerability

2015-08-20 Thread Vulnerability Lab
. (CVSS 4.2) Credits Authors: Vulnerability Laboratory [Research Team] - Hadji Samir [sa...@evolution-sec.com]

Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064)

2015-08-20 Thread Vulnerability Lab

WebSolutions India Design CMS - SQL Injection Vulnerability

2015-08-20 Thread Vulnerability Lab

ChiefPDF Software v2.x - Buffer Overflow Vulnerability

2015-08-20 Thread Vulnerability Lab

UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability

2015-08-20 Thread Vulnerability Lab

PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability

2015-08-20 Thread Vulnerability Lab

Ferrari - PHP CGI Argument Injection (RCE) Vulnerability

2015-08-10 Thread Vulnerability Lab
(www.kieranclaessens.be)

Device Inspector v1.5 iOS - Command Inject Vulnerabilities

2015-08-10 Thread Vulnerability Lab

bizidea Design CMS 2015Q3 - SQL Injection Vulnerability

2015-08-12 Thread Vulnerability Lab

Apple iTunes AppStore - Filter Bypass Persistent Invoice Vulnerability

2015-07-27 Thread Vulnerability Lab

ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability

2015-07-23 Thread Vulnerability Lab
-Cyber.Org

UDID+ v2.5 iOS - Mail Command Inject Vulnerability

2015-07-20 Thread Vulnerability Lab
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com]

FoxyCart Bug Bounty #1 - Filter Bypass Persistent Vulnerability

2015-07-20 Thread Vulnerability Lab
: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers

AirDroid ID - Client Side JSONP Callback Vulnerability

2015-07-20 Thread Vulnerability Lab
Team] - Hadji Samir [sa...@evolution-sec.com] Disclaimer Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties

Free WMA MP3 Converter - Buffer Overflow Exploit (SEH)

2015-11-17 Thread Vulnerability Lab
print " Email: m...@live.fr" Security Risk: ====== The security risk of the local buffer overflow (SEH) Vulnerability in the converter software is estimated as high. (CVSS 7.5) Credits & Authors: == ZwX - (http://zwx.fr) [ http://www.vulnerability-lab

Murgent CMS - SQL Injection Vulnerability

2015-11-17 Thread Vulnerability Lab
a Turk and All Of My Friends Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability fo

Magento Bug Bounty #22 - (Profile) Persistent Vulnerability

2015-11-17 Thread Vulnerability Lab
ww.vulnerability-lab.com/show.php?user=Hadji%20Samir) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of

LAN Scan HD v1.20 iOS - Command Inject Vulnerability

2015-11-17 Thread Vulnerability Lab
ation: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its s

Port Scan v2.0 iOS - Command Inject Vulnerability

2015-11-17 Thread Vulnerability Lab
- Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the

Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities

2015-11-17 Thread Vulnerability Lab
g/ http://www.magentocommerce.com/bug-tracking/report PoC #2: CSRF URL: http://merch.docs.magento.com/ce/user_guide/Magento_Community_Edition_User_Guide.html Note: Remote attackers are able to inject own websites/webpages with fake login for phishing attacks against the login users Reference(s):

PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability

2015-10-15 Thread Vulnerability Lab
Samir (sa...@evolution-sec.com) [http://www.vulnerability-lab.com/show.php?user=Hadji%20Samir] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, eith

Freemake Video Downloader 3.7.1 - Code Execution Vulnerability

2015-10-15 Thread Vulnerability Lab
& Authors: == ZwX - (http://zwx.fr) [ http://www.vulnerability-lab.com/show.php?user=ZwX ] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties,

PayPal Inc Bug Bounty #119 - URL Redirect Web Vulnerability

2015-10-09 Thread Vulnerability Lab
== Rui Silva (http://www.vulnerability-lab.com/show.php?user=Rui%20Silva) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied,

WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability

2015-10-09 Thread Vulnerability Lab
ial Thanks: Hell Shield Hackers | Ahmedabad University | Skysecura Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the wa

FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability

2015-10-09 Thread Vulnerability Lab
ty-lab.com/show.php?user=ZwX ] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability a

LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability

2015-08-31 Thread Vulnerability Lab
Contact: https://securityresearchindia.wordpress.com > https://twitter.com/aaditya_purani Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or

PayPal Bug Bounty #119 - Stored Cross Site Scripting Vulnerability

2015-08-31 Thread Vulnerability Lab
er & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vuln
