Huawei E3276s USB modems with software before E3276s-150TCPU-V200R002B436D09SP00C00 allow man-in-the-middle attackers to intercept, spoof, or modify network traffic via unspecified vectors related to a fake network.
Monthly Archives: April 2016
CVE-2016-3678
Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic.
Novell Service Desk 7.1.0 Code Execution / Information Disclosure
Novell Service Desk versions 7.1.0 and below suffer from code execution, information disclosure, cross site scripting, remote file upload, HQL injection, and traversal vulnerabilities.
Linux/x86_64 Port 5600 Bindshell Shellcode
81 bytes small Linux/x86_64 bindshell shellcode that binds to port 5600.
CAM UnZip 5.1 Path Traversal / Code Execution
CAM UnZip version 5.1 suffers from a path traversal vulnerability that allows for code execution.
OpenCart 2.2.0.0 Remote PHP Code Execution
OpenCart version 2.2.0.0 suffers from a remote PHP code execution vulnerability.
WPN-XM 0.8.6 Cross Site Request Forgery
WPN-XM version 0.8.6 suffers from a cross site request forgery vulnerability.
WPN-XM 0.8.6 Cross Site Scripting
WPN-XM version 0.8.6 suffers from a cross site scripting vulnerability.
DirectAdmin Control Panel 1.50.0 Cross Site Scripting
DirectAdmin Control Panel version 1.50.0 suffers from a cross site scripting vulnerability.
Apache OFBiz 13.07.02 / 13.07.01 Information Disclosure
Apache OFBiz versions 13.07.02 and 13.07.01 suffer from an information disclosure vulnerability.