The Web UI in Metasploit version 4.1.0 suffers from a stored cross site scripting vulnerability.
52ef03907b06a53b203a4e0f97b5e303c2199dd0b475cf6d74c7c993198f3050
Pre Studio Business Cards Designer suffers from a remote SQL injection vulnerability.
02b79738b456b46a060f9c6796dd51ab2a9e4766147700841e7356ca484f1d2c
Oracle DataDirect multiple native wire protocol ODBC drivers HOST attribute stack based buffer overflow proof of concept exploit. Oracle Hyperion Performance Management and BI version 11.1.2.1.0 is affected.
819a9a7103b651bf569460c2245b8f99e365a77da86f7f58d8d1faa6db2a9fe0
Tine version 2.0 suffers from multiple cross site scripting vulnerabilities.
694f7255e76308ce35b0db450a361b7ae0102347788c3d19b4f0a1d65da87496
Uiga Personal Portal suffers from cross site scripting and remote blind SQL injection vulnerabilities.
0850b0373ceb33e2e98600dcf74d17019ae0aceb37c2be131cea4721f59bce44
CMSmini version 0.2.2 suffers from a local file inclusion vulnerability in edit.php.
702805a640d6eda3e44aef5fc8e7038fa46cbbcbc0b37d8ffa490299862bfbe4
UnrealIRCd version 3.2.8.1 local configuration stack overflow proof of concept exploit.
71bfcad8bcbf78c8eb8c2135b6b8bf5399b78eae5d03c67e7d5e4610dc3236e6
Opera versions 11.52 and below proof of concept stack overflow exploit.
d8e6d58f0c40d06f09f7f9e1562cc78db5502eabbfa08a284ed2ca5e41060dd9
Opera versions 11.52 and below proof of concept denial of service exploit.
2a6758138a9765d3cc1929bce5ecaa3ec9bfcd4368b4177f67a84d7ea0a2adb9
Innovate Portal suffers from a cross site scripting vulnerability.
c22074c325aeb15c37ca4f5817b771e46b72c691ba9e1f8b7e6fa94deaaf3133
Free Way osCommerce suffers from backup related, file disclosure, and shell upload vulnerabilities.
deb392a1a7903348d0167f0991e8ddecec1f405715d0e637549f413ad5ea4b4a
Splunk suffers from cross site scripting and denial of service vulnerabilities.
ddfc14ed113370c19fa721dd478402ae1860dca25d896e9d9263eea9a41993ee
WHMCompleteSolution suffers from a local file disclosure vulnerability in cart.php.
bfd292d45169e284bde0b8ece7b60d1bb5440aa1f6200db240005f7bda953b72
Openemr version 4.1.0 suffers from a remote SQL injection vulnerability.
da54a40ca9e2c46e698a4cb7a9c5ca2be8bb855d4386688f8350dbfcd224cf93
Yet Another CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
969a390927b6bb601dd3dcd96acdfeb55431ddbc9cfb876784386309b6077aca
1024 CMS version 1.1.0 Beta suffers from a local file inclusion vulnerability in force_download.php.
c5ee1836f34737277d9dda98295f796a10de494c307edcbf334527f5915761b2
Simple Free PHP Forum Script versions 1 and below suffer from multiple remote SQL injection vulnerabilities.
cfc43fc9e4e6d7837cfb56eea10a2a41183c5a9c1c7b0a374599091486bc34fd
File Management System versions 1.2.1a and below suffer from a remote SQL injection vulnerability that allows for arbitrary file download.
7c4cb1797a2b650b8cff85ee6118f70d40a098c823336136403197ed33f928bc
Site@School version 2.4.10 suffers from cross site scripting and remote SQL injection vulnerabilities.
52694c6e5b1545947799ec5516fa803298868adbd0427bbd993cf8a1ce6c7ee4
This Metasploit module exploits a file creation vulnerability in the Webkit rendering engine. It is possible to redirect the output of a XSLT transformation to an arbitrary file. The content of the created file must be ASCII or UTF-8. The destination path can be relative or absolute. This Metasploit module has been tested on Safari and Maxthon. Code execution can be achieved by first uploading the payload to the remote machine in VBS format, and then upload a MOF file, which enables Windows Management Instrumentation service to execute the VBS.
c3cc069840b33d66dc0f5eb936fd86d7c0e81a9ca3077cb540669d0523d716eb
Dolphin versions 7.0.0 through 7.0.7 remote PHP code injection exploit.
f8491a4888891439bd445b8f8fad6b81712c31b0ac7b701243d0d96f85f10c23
The Joomla NoNumber Framework component suffers from local file inclusion and shell upload vulnerabilities.
e3ae091577864ca2191cda6842e17f20d23686b3a23d2de2b27c1ca2850d9f76
Northern Racing suffers from a remote SQL injection vulnerability.
b537bbb9d4a91562f89cc78fa5612e6b135909ae054e17b2edda07a006528f79
Eurotax.com suffers from a cross site scripting vulnerability.
d9fe81ebef5026ce0ee70120ba44d61061a6692e1778b7957a06c7230d83c351
Sites powered by Webciters suffer from multiple SQL injection vulnerabilities.
750e1c069dc13cb7dcdcaca62659ef9bb62002de1c8bf40379f2d0727ed67fcd