Browser CRM version 5.100.01 suffers from cross site scripting and remote SQL injection vulnerabilities.
bae97a2f001f9e5a7e7f686512d05a5386310e22c1fd7651534103e0c0799133
Citrix XenDesktop, XenServer, Receiver version 5.6 SP2 suffer from a pass-the-hash attack vulnerability due to not using SSL.
1cdc447222c2b4047d47fb0a65039267225b922c70e82b599759e03fa6d8207b
PHP-SCMS version 1.6.8 suffers from a lang parameter cross site scripting vulnerability.
8af2e21c899f1dbe3d291696e18143a62b665b81a4f1fd151f55371e03968046
Nagios XI versions prior to 2011R1.9 suffer from privilege escalation vulnerabilities.
643fef59b27e303e0e2fa119f2e8b592b6fe5c23465d56ba6cf208e2b0d73e94
Nagios XI versions prior to 2011R1.9 suffer from multiple cross site scripting vulnerabilities.
5640334d1067d67c36be2d867c6ee9221a65d4d25ea44ef78f66a49b6bc9bc5a
i4Style Web Design suffers from remote SQL injection and cross site scripting vulnerabilities.
1c38a500e4e3bdab6965199201e8033eaa702be19dfcba11c26c7d32d01d9ef3
Pulse Pro CMS version 1.7.2 suffers from a reflective cross site scripting vulnerability.
7ac8b17da44b732b9b90bd09f91ffc20f29f62b91f7658435d9276d8d927ea3d
Faculte suffers from a remote SQL injection vulnerability.
b1f51062912e66889bce1041634f968380ede406aedf5e9975d55ab092099082
Two additional open redirects have been discovered under google.com.
bbfc0a480b7dc05e10c1976807a555b3da5b314d4ad5afc42fb6f791b6f5330d
This Metasploit module exploits a remote stack buffer overflow vulnerability in 3S-Smart Software Solutions product CoDeSys Scada Web Server Version 1.1.9.9.
9380ae1d770450dec8ad28bbf0b92b9e420e8cda38119169c69b13c41f6b845a
This Metasploit module exploits an arbitrary command execution vulnerability in Traq 2.0 to 2.3. The flaw is in the admincp/common.php script, which is called by each script located in the /admincp/ directory to make sure the user has admin rights. This is a broken authorization scheme because the header() function does not stop the execution flow.
dffc7356e911b26d771f5011bfe215352e628f842cedc4e8945c25cf29569ed8
Fork CMS version 3.1.5 suffers from multiple reflective cross site scripting vulnerabilities.
ce9a1264ed0a258fa8e69b7087ad7b548a63a7017062b50ae45a1bde1d9dbc79
UseBB version 1.0.14 suffers from a cross site request forgery vulnerability.
256d8a2f76ff4e449264a7c192c18c16d6a0fa6c26f91c39b0532243007a2538
JavaScript allows you to exploit human cognitive abilities to a remarkable extent; tools such as window positioning, history.forward() and history.back() open some scary possibilities that we are completely unprepared to deal with. This proof-of-concept aims to demonstrate this; while it is intentionally crude and makes no real effort to conceal its operation, the transitions can be made seamless and very difficult to perceive. Very accurate click prediction can be achieved by carefully measuring mouse velocity and distance to destination, too.
d7658f0d5bd78b6a2d13c915b7f4668b18228fb508f0cca309cdc5652565e5c9
Squiz Matrix suffers from a user account enumeration vulnerability. Version 4.6.0 is affected.
11e51947110c45d05b178439be90c82da92993cb59103aae985050de627374f7
Keshav Infotech suffers from a remote SQL injection vulnerability.
0c59b34a87c8c8a18df1a7525a0eb028882f5990eb4342d2c01fb08ffa918121
zFTPServer Suite version 6.0.0.52 suffers from a rmdir directory traversal vulnerability.
d81dabccf1613859742df0258d0815399dcc0bb6fa8c6a6f658c9b63f62edd12
UseBB Forum version 1.0.14 suffers from a cross site request forgery vulnerability.
9af21b91ae8876e6b4a35b96e4811e8405fdd1ffd49025453b5bb750ad6e5c4b
Hrithikrules.com suffers from a cross site scripting vulnerability.
f7a1ca6541294603c3cb438915676b51cae599bac1e98eee4060d51690a8f423
FCMS versions 2.7.2 and below suffer from multiple cross site request forgery vulnerabilities.
09afb1bfca46b03a639f6d879a92455fc64819f72f67724e6c3a57992651ccb7
Xoops version 2.5.4 suffers from a remote blind SQL injection vulnerability.
2b179a5b592970daa6c84cd35f7b2c76a1fa845165abf65d270f5d19cbea058e
Digital Scribe version 1.5 suffers from a cross site request forgery vulnerability.
d89220e612658209a0a53bf2f07815e4783ae69c51cc994725f7bf68d71fc8c9
Pixie version 1.04 suffers from a blog post cross site request forgery vulnerability.
51e68d1acd27d0ec24b2a7bc2def683ca87f6f06cb2075fc170ea91ce0b7e7eb
2B.COM sprl suffers from a remote SQL injection vulnerability.
7c7d483a891e647b0933ba514aa6478bf11df06521a5fa3a5c37fd900ec9796e
The search engine at search.babylon.com suffers from a reflective cross site scripting vulnerability.
a058da3322355dea54968eb6a909522538f6f19ddac9df9320726a42c32c2df3