Yii Framework version 1.1.8 suffers from a remote SQL injection vulnerability.
d41438703075497185a196eafaeb2ea7f0fefde46cd9bc2ccba91796a1f6e261
Feng Office version 2.0 Beta 3 suffers from cross site scripting and privilege escalation vulnerabilities.
c7f9176fbec9a9bd75131316e5716c7fac417c119bd0f14371400af5c4cdfa99
LAN.FS Messenger version 2.4 suffers from a remote command execution vulnerability.
7de0a626d8e85e7fe42ad8322fa0153c0c6b0992ca1a1e994040291c4bab64e7
Adobe Reader version 10.1.4 suffers from a WriteAV memory corruption vulnerability.
ed7d42a1bc5af03c0ce74930cfd8ffba1052cad9470fbe8ea6967e3959181afc
WordPress Facebook Survey third party plugin version 1 suffers from a remote SQL injection vulnerability.
8ce3162ca5a759c35cd1f80a58eba9b55ff0c6e87d0cf751fcb944e14d7f3795
TP-LINK TL-WR841N versions 3.13.9 Build 120201 Rel.54965n and below suffer from a cross site scripting vulnerability.
043a1aa84308acf95decc9f1014aeb083a38288f260b4a4a40591b9a99af5b82
Sites designed by Webthinkers suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
1642ea82db2cb4b918486fb4534c5f4cc8ccdd9d87ad959013a19325c7c9f0d5
Sites design by Diseno Internet Chile suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
0fc06ad1c6f997e566e6183aae46b78c07df5840d8471a8dc628c1e7765bdaef
Sites design by Base Solida suffer from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
d965a0782c1c3cc4f60b24ee78e04c0c8b8c1dd00d1dcb4e4e240854679fa228
SonicWALL CDP 5040 version 6.x suffers from cross site scripting vulnerabilities.
d327fc4a15cab77c142b8aedf8542490977dbcef6a6f7679bbe7a160c4a94dcc
WordPress FireStorm Real Estate third party plugin version 2.06.08 suffer from a remote SQL injection vulnerability.
afee220fc37a19dd1e4636328e01cb5548fc2e617d7f0cd1f863b9b1eac2f164
Apple QuickTime versions 7.7.2 and below suffer from a buffer overflow vulnerability in the handling of TGA files.
3c48abe71248d510eb46af93dfcf4cd9068d33680911fdd9c64bf61c9d359d01
FormatFactory versions 3.0.1 and below suffer from a profile file handling buffer overflow vulnerability.
0c29efe3ead46ec1b8b8b18717562e87540d38612b3cbe97b146a01d6a7a66c6
Various Penske Media Corporation sites such as variety.com, la411.com, newyork411.com, and deadline.com all suffer from reflective cross site scripting vulnerabilities. Note that this finding houses site-specific data. Editor's note 01/04/2013: Per the advisory author, the issues have been resolved in all sites listed and Penske Media have addressed the issue.
0ee5e0affef62932ece9368ee73e2ab61594aecfc2a0ad7e7fc6c30c8d846b00
WordPress Madebymilk theme suffers from a remote SQL injection vulnerability.
53efbb3fb22fea393b7b557a40986a887585d9f65fc7b902c2bd190cec17cc9b
WordPress Dailyedition-mouss theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
e3b6e86eb2c0347606edadc71a935b17a5439f47d2053f6412d3576c51d782ff
A filter bypass vulnerability in Akeni LAN (LE) Messenger version 1.2.118 allows for malicious script insertion / cross site scripting attacks.
a856de3fd6a5d3af851ebd5974741c479af215deb2422d936244be3106873f79
Manage Engine Exchange Reporter version 4.1 suffers from multiple cross site scripting vulnerabilities.
88a98e8af73fd137f6bbd014be80a042c4c83acb3c1d6f43255c2ccbf4407a8e
Omni-Secure versions 5, 6, and 7 suffer from a remote file disclosure vulnerability.
c7976e9f4319789ecff0baa4aac29390e943b06f256fba7cbb192d9a9f5ae6f1
The Skype Account Service application suffered from a reset password/username vulnerability.
47ad6f50220ee53830173e0377be0516841a8b60569695b59844b96a36e1e0a7
The Skype Account Service application suffered from a session token bypass vulnerability.
81e159aed334870a8fa4696621cdbdbfd9454dd6dac853d85e668dc983dc5061
WeBid versions 1.0.5 and below suffer from a directory traversal vulnerability.
691fd6a645c981162b89806c3a38adbbac74928e9a8c6bdd1391a139433a93d9
Microsoft Office OneNote 2010 suffers from a WriteAV memory corruption vulnerability.
e7beebdffa62b0c8bab44b31791cda2bf7875af83b941a521c5aa933e91f031f
Ingress Security researchers have found cross site request forgery and cross site scripting vulnerabilities in WeBid versions 1.0.5 and below.
c1f896eea7c21f9264c91d05c357a72a7e8503da4782a9a2857721670657f5c7
LikeItNow Script version 1.0 suffers from a remote SQL injection vulnerability.
9fe8c5d5443a9a16da69480ee0b97ae88f5415b7f64190be840e0c6b31764376