The WordPress BulletProof Security plugin suffers from a cross site scripting vulnerability.
c4c73a666f9c5b135276a6fb0f81181e11045470d01eda786e646c88c500260bThe WordPress Better WP Security plugin suffers from a cross site scripting vulnerability.
31227c75ab186bbc50acee0cd1c5fad5814d561a7fac16365b8a42bd0f7e4135The WordPress Custom Contact Forms suffer from multiple cross site scripting vulnerabilities.
6fbdbdd9d16b2eecdf7564812c327cfa17babb9f81e82c4c9afda08562ba71e5The WordPress 2-Click-Socialmedia-Buttons plugin suffers from a cross site scripting vulnerability.
0bb0732ad689e55347e573e1989e0f03f7afb1b9d317d6027800702fc33c87b4Chevereto version nb1.91 suffers from a remote denial of service vulnerability.
faf9f719b7e5f4a8a9cff20c7614c5eb0b50816a85346f253133c47b0e725597Chevreto Upload Script suffers from cross site scripting and user enumeration vulnerabilities.
652bb56ffcc83e4e9f8c891a98b7b9a5ded3cf4471aced7d86d312e0ab0daf48Serendipity version 1.6 suffer from backend related cross site scripting and remote SQL injection vulnerabilities.
4db56a7b7494edd69f88b7f2f0db6ddec3696ab66be10f3a4476c4d89c56033aGuitar Pro version 6.1.1 r10791 crash proof of concept exploit that creates a malicious .gpx file.
b47118b6504b93679f30789d5a6f880b92105d33719aa58355ff34da6cc8da53DecisionTools SharpGrid suffers from an active-x related remote command execution vulnerability.
605cb9c8ab0da81a67bc37b2736bffbfe9257a79f8659b7b27c6c01c05f9abb7X7 Chat versions 2.0.5.1 and below suffer from a cross site request forgery vulnerability.
5a6c30045da825b60c8631b4e54c65d985928c2498b1dc1768c3aaa8458e6b85Andromeda Streaming MP3 Server version 1.9.3.6 suffers from a cross site scripting vulnerability.
1ea8c761d7de6074555e51c75cfd706e0affc0f9e9ca8a504823b9ad80bc566eThis Metasploit module exploits an out-of-bounds access flaw in Firefox 7 and 8 (versions 8.0.1 and below). The notification of nsSVGValue observers via nsSVGValue::NotifyObservers(x,y) uses a loop which can result in an out-of-bounds access to attacker-controlled memory. The mObserver ElementAt() function (which picks up pointers), does not validate if a given index is out of bound. If a custom observer of nsSVGValue is created, which removes elements from the original observer, and memory layout is manipulated properly, the ElementAt() function might pick up an attacker provided pointer, which can be leveraged to gain remote arbitrary code execution.
94acb924f037607a74196ffbd40dc6b26726a6b5e2a13e1caa089d6e3b0c2406The Cisco Linksys WRT54GL router suffers from a cross site request forgery vulnerability.
15765a5278a3d85691a1560925b05f28f2c55ddd9ccac8024f86755afe32809aCore Security Technologies Advisory - SAP Netweaver is a technology platform for building and integrating SAP business applications. Multiple vulnerabilities have been found in SAP Netweaver that could allow an unauthenticated, remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered sending specially crafted SAP Diag packets to remote TCP port 32NN (being NN the SAP system number) of a host running the "Dispatcher" service, part of SAP Netweaver Application Server ABAP. By sending different messages, the different vulnerabilities can be triggered.
84108ccf75a417b942e0291cf7c3798ea4c264ddce271305c260f4c3931d47e5Bagler CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
456977912384df602200c12ee51909b89bbbde0e1daab9affab1a16180702cddPHP Enter suffers from a code execution vulnerability.
0e40cede5b489ccd4eccd31c3db4cd143a0b5033a7852925e405574541aa09d6NeXus Infotech CMS suffers from a remote SQL injection vulnerability.
4102261f67b9adfce3df3dee981d8a33cea52eb43a006ebb120b0efd590aa460Jibberbook version 2.3 suffers from an administrative bypass vulnerability.
b5b53e60f590f445c7ae12ebaa132d6dde7e0ddd3bbcac6745422c617c736ba3Efront version 3.6.11 suffers from cross site scripting and shell upload vulnerabilities.
5c179156a4a5a17ecc6bdbcb3aafd189cc11707ca9c531ac8383372e7c32213fRamui Forum Script suffers from a cross site scripting vulnerability. The webmaster of this site has contacted us and has addressed this issue.
bb143f148ba5864fdc8665fdc8e1b51a1816c3792af5e9cdadbd6943fa22317fEnjoyGraph Communication suffers from a remote SQL injection vulnerability.
6b9ac68af3f32ce61afad6dbf35317febde56226f530b7613dfc2b0fb9f157d5Etelligence Technologies suffers from a remote SQL injection vulnerability.
c7af7077b26e61cce25b85e49175127640962d67a4623489e617eaa5bbec4d7dMagnolia Development Group suffers from cross site request forgery and remote SQL injection vulnerabilities.
0dddd55b632c330921a6380014bf5672a8699881752fd31e21554b069d0bbdd0Webrelations suffers from a remote SQL injection vulnerability.
3338ab0fcab8b4404f9adb5c9fe003468f9df14c4f0659aaf810f69155a928ecTrombinoscope versions 3.5 and below suffer from a remote SQL injection vulnerability.
35520837705b4781429f47c3e17d1f0dfb67f61bfd7850f5184538c3821344a1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed