Edimestre Plus version 2.0 suffers from a remote SQL injection vulnerability.
Toko Flamboyan suffers from a local file inclusion vulnerability.
Monstra CMS version 1.1.6 suffers from a cross site request forgery vulnerability.
CMS Schoolhos version 2.29 suffers from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities.
Zend Framework versions 1.11.11, 1.12.0 RC1, and 2.0.0 beta4 suffer from remote file disclosure via an XXE injection vulnerability.
IMCE Mkdir suffers from a shell upload vulnerability.
DigPHP, the web based file browser, suffers from a remote file disclosure vulnerability.
WordPress Website FAQ plugin version 1.0 suffers from a remote SQL injection vulnerability.
Dove Forums version 1.0.3 suffers from a cross site request forgery vulnerability.
The Asus iKVM/IPMI implementation stores credentials in the clear in a text file that is readable by the anonymous user, which has a hardcoded password of "anonymous" with no way to change it.
Security Explorations does not agree with Apple's evaluation of a vulnerability they reported. They have decided to release proof of concept code to demonstrate a bypass vulnerability in Apple QuickTime Java extensions.
Kingview Touchview version 6.53 suffers from an EIP direct control vulnerability.
Kingview Touchview version 6.53 suffers from multiple heap overflow vulnerabilities.
Slim PDF Reader version 1.0 suffers from a denial of service vulnerability.
The WD TV Live Streaming Media Player suffers from two implementation flaws that together allow for remote command execution as root.
Drupal Drag and Drop third party module version 6.x-1.5 suffers from a remote shell upload vulnerability.
Autopagina CMS version 2.8 suffers from a remote SQL injection vulnerability.
Umapresence version 2.6.0 suffers from remote shell upload and file deletion vulnerabilities.
Able2Extract and Able2Extract server version 6.0 suffer from a denial of service vulnerability.
Able2Doc and Able2Doc Professional version 6.0 suffer from a denial of service vulnerability.
Parodia versions 6.8 and below suffer from multiple remote SQL injection vulnerabilities.
Winamp version 5.13 suffers from an exception handling vulnerability that can result in a denial of service condition.
UCCASS versions 1.8.1 and below suffer from a remote blind SQL injection vulnerability.
SugarCRM CE versions 6.3.1 and below suffer from an unserialize() PHP code execution vulnerability.
IrfanView version 4.33 suffers from a DJVU image processing heap overflow vulnerability. Proof of concept included.