phpunity.postcard suffers from a remote file inclusion vulnerability in gallery_path.
700a972a3176ae5e56b480102c0241692b7fb09f415c502499f7e49051b0c1ce
Downstat versions 1.8 and below suffer from a remote file inclusion vulnerability.
c8952b40a570f16e6e3db05b661b52622826c85a7e1c99d9b0f2a4456f432683
Shadowed Portal versions 5.599 and below suffer from a remote file inclusion vulnerability.
9e7c06065df3ed99d938a9cd874a105aed700ab05e7f718ef998ee5b2fd99f19
TualBLOG version 1.0 suffers from a remote SQL injection vulnerability.
6a297f57b82afb4f82b7b2f825c3ec18e73ccfdb97f2c5f1b3228796564cb64b
Magic News Pro versions 1.0.3 and below suffer from a remote file inclusion vulnerability.
1e18637e554e70d7c81ba4e01d9f01c0707cada1602c27a6a4d47be70ddb3201
The NetPerformer Frame Relay Access Device (FRAD) suffers from multiple denial of service vulnerabilities including a buffer overflow in telnetd.
7c70c195bf96759e431f61bac01420be826cf46eb84f569059801ef8f3707857
Multiple cross site scripting vulnerabilities have been identified in SoftComplex Inc.'s PHP Event Calendar version 1.5.1. Prior versions may also be susceptible.
fa612026fe79ef3bb592170199626740daa97b46923fceb0bd732b41be574efd
ForumJBC version 4 suffers from a cross site scripting flaw.
38cc525490f4600bbc3eaed1c72b38e45020e5cbf3221b7de9a86c823475df72
NX5Linkx version 1.0 suffers from arbitrary file disclosure, multiple SQL injection, and HTTP response splitting vulnerabilities.
767ede366b554aeb6bf350b179f671e5cd739145acf7762bd05061614695ac0b
CJ Tag Board version 3.0 suffers from a cross site scripting flaw.
2905ba195684193ff7e97f9a8b24a43f1b48e497116f38957891654bb31f03d3
Links Manager version 2006-06-12 suffers from SQL injection and cross site scripting vulnerabilities.
677df6dd24965ee16f18ad7f7462b2fa5d9cd50c627f6a4bad4181314e7e0e86
indexcity version 1.0 suffers from SQL injection and cross site scripting flaws.
17ae392e1f15f7267a0453ba7645b3c61bba0a51cd503303bd13d94b45287800
Doika guestbook version 2.5 suffers from a cross site scripting flaw.
c1521dc13d79d8b91f21b61420048d02bb9e8b74ba6f8cbfb2c00def5b6283b4
LedgerSMB version 1.0.0 and SQL-Ledger versions 2.6.18 and below suffer from a directory traversal flaw that may allow for arbitrary code execution.
b63d208999b7ba0d0fdd5c47f42f47e76efcec435eeffa093535f6e4693c9d98
Newsscript version 0.5 suffers from a local file inclusion flaw in print.php.
d5b175e18bd85013db5424ccdf23bd98f5ca37cb59fbd8ade11c6f9a57df8403
WTools version 0.0.1-ALPHA suffers from a remote file inclusion vulnerability.
2cbcd5737f172555abd9ecf79ac228ca04e6be96946750c269808ce6ce582d34
Multiple PHP applications, including phpBB and punBB, suffer from a poison NULL byte vulnerability.
f11f44724c2f056f01589de173ca4fbf94d6c615eb5160f25decab04aae9da8a
Deja Vu, which is bundled with Roxio Toast 7, creates ruby scripts in the /tmp directory. These scripts contain commands which are executed with escalated privileges. A race condition exists which makes it possible to execute arbitrary commands against the system or gain root level access.
dceb4c62c12876daaa9c13d289451d6a39385dd8a1b2de27fbeba98c759b1b3b
The vCAP Calendar server versions 1.9.0 Beta and below suffer from denial of service and directory traversal vulnerabilities.
fcf14fec53b897407562c5f3d3d9dc7cbf943f38eb9d639ce1c7c0a039ae19f4
XHP CMS version 0.5.1 suffers from a cross site scripting vulnerability.
b99ebb0c64935a47c2b965431215b64bcf60516c294ae7d751ad19c09834e05d
HotPlug CMS config file inclusion exploit that compromises access to the database.
f8c49e1c288dd71f867cf2b3e6013f7f63e3959f00152818682f8680ecccf4a3
CMS.R suffers from a SQL injection vulnerability that allows for administrative authentication bypass.
db8aca92cdacc50127776f42b16318d861940a41254f30d81f92b338708161d8
PHProg suffers from cross site scripting and local file inclusion flaws.
93b466caa26b9cce7db8eca898f622659062b5ef5a00507d7dd04e38b62450b4
SmartStore.biz versions 3.5.11 and 3.5.13 suffer from a price manipulation flaw. Advisory is in both German and English.
3471ca21aee3c84f8e9535886f41b80b18da0e2a16a050e0f5be7a5b4ab6d166
ppalCart version 2.5 EE suffers from a remote file inclusion vulnerability.
d97023b482dd851fff738c9f0a9eea3459ea08fade0c1f537ae45adc323b0fba