We found a vulnerability in a WordPress plugin called Simple Login Log Plugin.
SmadAV antivirus 9.1 is susceptible to null pointer exploitation. The application does not properly filter the scanner input that is processed by smadengine.dll. Successful exploitation of this vulnerability could potentially result in a crash of the application, since it will refer to a null pointer, EAX = 0000000
The ScriptFTP client is vulnerable to a remote buffer overflow. The condition is triggered while processing a LIST FTP command with excessive length.
QuickShare File Server is prone to an FTP directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to modify files outside the destination directory and possibly gain access to the system.
HttpBlitz Server is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the application to crash, denying service to legitimate users.
SolarFTP Server 2.0 is prone to a denial of service condition. It fails to properly sanitize user-supplied input, resulting in a denial of service. With specially crafted ‘USER’, ‘APPE’, ‘GET’, ‘PUT’, and ‘NLST’ commands, a remote attacker can potentially disable the FTP service.
Metasploit has released DLLHijackAuditKit v2 to determine DLL vulnerabilities that still exist in the wild. This tool will scan for possible DLL vulnerabilities and log the results to a CSV file. DLLHijackAuditKit v2 can also make a PoC (it will try to hijack the DLL and run calc.exe; this is optional) to be sent to the […]