The Web UI in Metasploit version 4.1.0 suffers from a stored cross site scripting vulnerability.
52ef03907b06a53b203a4e0f97b5e303c2199dd0b475cf6d74c7c993198f3050Pre Studio Business Cards Designer suffers from a remote SQL injection vulnerability.
02b79738b456b46a060f9c6796dd51ab2a9e4766147700841e7356ca484f1d2cOracle DataDirect multiple native wire protocol ODBC drivers HOST attribute stack based buffer overflow proof of concept exploit. Oracle Hyperion Performance Management and BI version 11.1.2.1.0 is affected.
819a9a7103b651bf569460c2245b8f99e365a77da86f7f58d8d1faa6db2a9fe0Tine version 2.0 suffers from multiple cross site scripting vulnerabilities.
694f7255e76308ce35b0db450a361b7ae0102347788c3d19b4f0a1d65da87496Uiga Personal Portal suffers from cross site scripting and remote blind SQL injection vulnerabilities.
0850b0373ceb33e2e98600dcf74d17019ae0aceb37c2be131cea4721f59bce44CMSmini version 0.2.2 suffers from a local file inclusion vulnerability in edit.php.
702805a640d6eda3e44aef5fc8e7038fa46cbbcbc0b37d8ffa490299862bfbe4UnrealIRCd version 3.2.8.1 local configuration stack overflow proof of concept exploit.
71bfcad8bcbf78c8eb8c2135b6b8bf5399b78eae5d03c67e7d5e4610dc3236e6Opera versions 11.52 and below proof of concept stack overflow exploit.
d8e6d58f0c40d06f09f7f9e1562cc78db5502eabbfa08a284ed2ca5e41060dd9Opera versions 11.52 and below proof of concept denial of service exploit.
2a6758138a9765d3cc1929bce5ecaa3ec9bfcd4368b4177f67a84d7ea0a2adb9Innovate Portal suffers from a cross site scripting vulnerability.
c22074c325aeb15c37ca4f5817b771e46b72c691ba9e1f8b7e6fa94deaaf3133Free Way osCommerce suffers from backup related, file disclosure, and shell upload vulnerabilities.
deb392a1a7903348d0167f0991e8ddecec1f405715d0e637549f413ad5ea4b4aSplunk suffers from cross site scripting and denial of service vulnerabilities.
ddfc14ed113370c19fa721dd478402ae1860dca25d896e9d9263eea9a41993eeWHMCompleteSolution suffers from a local file disclosure vulnerability in cart.php.
bfd292d45169e284bde0b8ece7b60d1bb5440aa1f6200db240005f7bda953b72Openemr version 4.1.0 suffers from a remote SQL injection vulnerability.
da54a40ca9e2c46e698a4cb7a9c5ca2be8bb855d4386688f8350dbfcd224cf93Yet Another CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
969a390927b6bb601dd3dcd96acdfeb55431ddbc9cfb876784386309b6077aca1024 CMS version 1.1.0 Beta suffers from a local file inclusion vulnerability in force_download.php.
c5ee1836f34737277d9dda98295f796a10de494c307edcbf334527f5915761b2Simple Free PHP Forum Script versions 1 and below suffer from multiple remote SQL injection vulnerabilities.
cfc43fc9e4e6d7837cfb56eea10a2a41183c5a9c1c7b0a374599091486bc34fdFile Management System versions 1.2.1a and below suffer from a remote SQL injection vulnerability that allows for arbitrary file download.
7c4cb1797a2b650b8cff85ee6118f70d40a098c823336136403197ed33f928bcSite@School version 2.4.10 suffers from cross site scripting and remote SQL injection vulnerabilities.
52694c6e5b1545947799ec5516fa803298868adbd0427bbd993cf8a1ce6c7ee4This Metasploit module exploits a file creation vulnerability in the Webkit rendering engine. It is possible to redirect the output of a XSLT transformation to an arbitrary file. The content of the created file must be ASCII or UTF-8. The destination path can be relative or absolute. This Metasploit module has been tested on Safari and Maxthon. Code execution can be achieved by first uploading the payload to the remote machine in VBS format, and then upload a MOF file, which enables Windows Management Instrumentation service to execute the VBS.
c3cc069840b33d66dc0f5eb936fd86d7c0e81a9ca3077cb540669d0523d716ebDolphin versions 7.0.0 through 7.0.7 remote PHP code injection exploit.
f8491a4888891439bd445b8f8fad6b81712c31b0ac7b701243d0d96f85f10c23The Joomla NoNumber Framework component suffers from local file inclusion and shell upload vulnerabilities.
e3ae091577864ca2191cda6842e17f20d23686b3a23d2de2b27c1ca2850d9f76Northern Racing suffers from a remote SQL injection vulnerability.
b537bbb9d4a91562f89cc78fa5612e6b135909ae054e17b2edda07a006528f79Eurotax.com suffers from a cross site scripting vulnerability.
d9fe81ebef5026ce0ee70120ba44d61061a6692e1778b7957a06c7230d83c351Sites powered by Webciters suffer from multiple SQL injection vulnerabilities.
750e1c069dc13cb7dcdcaca62659ef9bb62002de1c8bf40379f2d0727ed67fcd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed