In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (exe ...
Continue Reading
June 24, 2022
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access.Read More ...
Continue Reading
June 24, 2022
The tested version of Dominion Voting Systems ImageCast X does not validate application signatures to a trusted root certificate. Use of a trusted root certificate ensures software installed on a devi ...
Continue Reading
June 24, 2022
The tested version of Dominion Voting Systems ImageCast Xs on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An ...
Continue Reading
June 24, 2022
The tested version of Dominion Voting Systems ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious c ...
Continue Reading
June 24, 2022
The tested version of Dominion Voting Systems ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this ...
Continue Reading
June 24, 2022
The tested version of Dominion Voting System ImageCast X can be manipulated to cause arbitrary code execution by specially crafted election definition files. An attacker could leverage this vulnerabil ...
Continue Reading
June 24, 2022
Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with elevated privileges by exploiting a system level service. An attacker could leverage this vulnerability ...
Continue Reading
June 24, 2022
Back to Main
