The WordPress BulletProof Security plugin suffers from a cross site scripting vulnerability.
c4c73a666f9c5b135276a6fb0f81181e11045470d01eda786e646c88c500260b
The WordPress Better WP Security plugin suffers from a cross site scripting vulnerability.
31227c75ab186bbc50acee0cd1c5fad5814d561a7fac16365b8a42bd0f7e4135
The WordPress Custom Contact Forms suffer from multiple cross site scripting vulnerabilities.
6fbdbdd9d16b2eecdf7564812c327cfa17babb9f81e82c4c9afda08562ba71e5
The WordPress 2-Click-Socialmedia-Buttons plugin suffers from a cross site scripting vulnerability.
0bb0732ad689e55347e573e1989e0f03f7afb1b9d317d6027800702fc33c87b4
Chevereto version nb1.91 suffers from a remote denial of service vulnerability.
faf9f719b7e5f4a8a9cff20c7614c5eb0b50816a85346f253133c47b0e725597
Chevreto Upload Script suffers from cross site scripting and user enumeration vulnerabilities.
652bb56ffcc83e4e9f8c891a98b7b9a5ded3cf4471aced7d86d312e0ab0daf48
Serendipity version 1.6 suffer from backend related cross site scripting and remote SQL injection vulnerabilities.
4db56a7b7494edd69f88b7f2f0db6ddec3696ab66be10f3a4476c4d89c56033a
Guitar Pro version 6.1.1 r10791 crash proof of concept exploit that creates a malicious .gpx file.
b47118b6504b93679f30789d5a6f880b92105d33719aa58355ff34da6cc8da53
DecisionTools SharpGrid suffers from an active-x related remote command execution vulnerability.
605cb9c8ab0da81a67bc37b2736bffbfe9257a79f8659b7b27c6c01c05f9abb7
X7 Chat versions 2.0.5.1 and below suffer from a cross site request forgery vulnerability.
5a6c30045da825b60c8631b4e54c65d985928c2498b1dc1768c3aaa8458e6b85
Andromeda Streaming MP3 Server version 1.9.3.6 suffers from a cross site scripting vulnerability.
1ea8c761d7de6074555e51c75cfd706e0affc0f9e9ca8a504823b9ad80bc566e
This Metasploit module exploits an out-of-bounds access flaw in Firefox 7 and 8 (versions 8.0.1 and below). The notification of nsSVGValue observers via nsSVGValue::NotifyObservers(x,y) uses a loop which can result in an out-of-bounds access to attacker-controlled memory. The mObserver ElementAt() function (which picks up pointers), does not validate if a given index is out of bound. If a custom observer of nsSVGValue is created, which removes elements from the original observer, and memory layout is manipulated properly, the ElementAt() function might pick up an attacker provided pointer, which can be leveraged to gain remote arbitrary code execution.
94acb924f037607a74196ffbd40dc6b26726a6b5e2a13e1caa089d6e3b0c2406
The Cisco Linksys WRT54GL router suffers from a cross site request forgery vulnerability.
15765a5278a3d85691a1560925b05f28f2c55ddd9ccac8024f86755afe32809a
Core Security Technologies Advisory - SAP Netweaver is a technology platform for building and integrating SAP business applications. Multiple vulnerabilities have been found in SAP Netweaver that could allow an unauthenticated, remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered sending specially crafted SAP Diag packets to remote TCP port 32NN (being NN the SAP system number) of a host running the "Dispatcher" service, part of SAP Netweaver Application Server ABAP. By sending different messages, the different vulnerabilities can be triggered.
84108ccf75a417b942e0291cf7c3798ea4c264ddce271305c260f4c3931d47e5
Bagler CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
456977912384df602200c12ee51909b89bbbde0e1daab9affab1a16180702cdd
PHP Enter suffers from a code execution vulnerability.
0e40cede5b489ccd4eccd31c3db4cd143a0b5033a7852925e405574541aa09d6
NeXus Infotech CMS suffers from a remote SQL injection vulnerability.
4102261f67b9adfce3df3dee981d8a33cea52eb43a006ebb120b0efd590aa460
Jibberbook version 2.3 suffers from an administrative bypass vulnerability.
b5b53e60f590f445c7ae12ebaa132d6dde7e0ddd3bbcac6745422c617c736ba3
Efront version 3.6.11 suffers from cross site scripting and shell upload vulnerabilities.
5c179156a4a5a17ecc6bdbcb3aafd189cc11707ca9c531ac8383372e7c32213f
Ramui Forum Script suffers from a cross site scripting vulnerability. The webmaster of this site has contacted us and has addressed this issue.
bb143f148ba5864fdc8665fdc8e1b51a1816c3792af5e9cdadbd6943fa22317f
EnjoyGraph Communication suffers from a remote SQL injection vulnerability.
6b9ac68af3f32ce61afad6dbf35317febde56226f530b7613dfc2b0fb9f157d5
Etelligence Technologies suffers from a remote SQL injection vulnerability.
c7af7077b26e61cce25b85e49175127640962d67a4623489e617eaa5bbec4d7d
Magnolia Development Group suffers from cross site request forgery and remote SQL injection vulnerabilities.
0dddd55b632c330921a6380014bf5672a8699881752fd31e21554b069d0bbdd0
Webrelations suffers from a remote SQL injection vulnerability.
3338ab0fcab8b4404f9adb5c9fe003468f9df14c4f0659aaf810f69155a928ec
Trombinoscope versions 3.5 and below suffer from a remote SQL injection vulnerability.
35520837705b4781429f47c3e17d1f0dfb67f61bfd7850f5184538c3821344a1