Advisories


May. 19, 2014

NextGEN Gallery 1.9.1 - Arbitrary File Upload

The NextGEN Gallery plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files.

Sep. 30, 2013

Tenda W309R Router 5.07.46 - Information Disclosure

Tenda Wireless Router W309R doesn't have proper authentication for the web application console. Though the application asks for password, it has poor cookie management which allows a user to login even without providing the password.

Sep. 6, 2013

CMSMini - Multiple Vulnerability

CMS Mini application is vulnerable to multiple security issues including arbitrary file upload, Cross Site Request Forgery and Cross Site Scripting.

Jun. 19, 2013

TP-LINK TL-PS110U Print Server Authentication Bypass

TP-LINK TL-PS110U Print Server is prone to a security-bypass vulnerability. The Print Server device runs a telnet service which enables an attacker to access the configuration details without authentication.