Outer Web | Explore

Explore >> Select a destination

You are here		positive.security Allow arbitrary URLs, expect arbitrary code execution \| Positive Security
\|	\|	srcincite.io Smarty Template Engine Multiple Sandbox Escape PHP Code Injection Vulnerabilities	3.6 parsecs away Travel
\|	\|	In this blog post we explore two different sandbox escape vulnerabilities discovered in the Smarty Template Engine that can be leveraged by a context dependa...	3.6 parsecs away Travel
\|	\|	swordbytes.com Overwolf 1-Click Remote Code Execution - CVE-2021-33501	2.3 parsecs away Travel
\|	\|	SwordBytes researchers have identified an Unauthenticated Remote Code Execution (RCE) vulnerability in Overwolf's Client Application by abusing a Reflected Cross-Site Scripting (XSS) issue present in the "overwolfstore://" URL handler. This vulnerability allows remote unauthenticated attackers to execute arbitrary commands on the underlying operating system that hosts Overwolf's Client Application.	2.3 parsecs away Travel
\|	\|	palant.info Numerous vulnerabilities in Xunlei Accelerator application \| Almost Secure	2.9 parsecs away Travel
\|	\|	Looking into Xunlei Accelerator, I discovered a number of flaws allowing remote code execution from websites or local network. It doesn't look like security was considered when designing this application.	2.9 parsecs away Travel
\|	\|	www.runzero.com CVE-2024-38077: Windows Remote Desktop Licensing Services	12.3 parsecs away Travel
\|		Microsoft disclosed multiple vulnerabilities in their RDS product that allows for remote code execution. Here's how to find affected services on your...	12.3 parsecs away Travel