Monthly Archive: December 2017

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before...

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause...

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. The issue involves the "Kernel" component. It allows local users to...

An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail Message Framework" component. It allows remote attackers to spoof the address bar via a crafted web...

PHP Scripts Mall Responsive Realestate Script has XSS via the admin/general.php gplus parameter. Date published : 2017-12-25 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Responsive%20Realestate%20Script.md

PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general. Date published : 2017-12-25 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Responsive%20Realestate%20Script.md

PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter. Date published : 2017-12-25 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Car-Rental-Script.md

PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter. Date published : 2017-12-25 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Car-Rental-Script.md

PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php. Date published : 2017-12-25 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Car-Rental-Script.md

FS Lynda Clone has XSS via the keywords parameter to tutorial/ or the edit_profile_first_name parameter to user/edit_profile. Date published : 2017-12-25 https://github.com/d4wner/Vulnerabilities-Report/blob/master/FS%20Lynda%20Clone.md

FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by adding content to the user panel. Date published : 2017-12-25 https://github.com/d4wner/Vulnerabilities-Report/blob/master/FS%20Lynda%20Clone.md

An issue was discovered in certain Apple products. iOS before 11.2.1 is affected. tvOS before 11.2.1 is affected. The issue involves the "HomeKit" component. It allows remote attackers to modify the application state by...

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause...

An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "IOMobileFrameBuffer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial...