IBM Lotus Domino version 8.5.3 suffers from cross site request forgery, cross site scripting, and redirection vulnerabilities.
1130fe93667cda489b3f670cc5b50a599e490b92326bc69ca5a9d3e2a7a7cdbe
Cometchat suffers from remote PHP code execution and cross site scripting vulnerabilities.
e10b2358844ee3524c076cbbcfa2a28e92ce30f72f24e5cb176450b33ab7ab4e
The www.paypal-marketing.com.hk site suffers from multiple cross site scripting vulnerabilities.
f63e45be8e4800be48122e0af643ee4e634351747962dea6a722db28594dfd37
Sonar version 3.4.1 suffers from a cross site scripting vulnerability.
da83d02310daea94e8be2a54b299f802fa374cffed0e8c946fa47d875567844a
A memory corruption vulnerability has been identified in Photodex ProShow Producer version 5.0.3297. When opening a crafted style file (.pxs), the application loads the "title" value from the pxs file. The ColorPickerProc function does not properly validate the length of the string loaded from the "title" value from the pxs file before using it in the further application context, which leads to a memory corruption condition with possible code execution depending on the version of the operating system.
4c548ccf5e23c74bf6aebf62a75caa02e6097be464986683796f64a9f92f7c47
The Edimax EW-7206APg and EW-7209APg suffer from cross site scripting, HTTP header injection, and open redirection vulnerabilities.
caf5494f483d9fdfdddc161b8ffa759d8caa9aa9cf89ce0b6c0d0e843b783136
The TP-Link TL-WA701N and TL-WA701ND suffer from stored cross site scripting and directory traversal vulnerabilities.
94e97a9978ccdf366f647fe8f6856515428f710579e8124bc4f97d8d7503a1d9
Ultra Light Forum suffers from a persistent cross site scripting vulnerability.
3c929999a19a3a694535233c547f3ae40ddd30a3ca672877ad9e8887a35f58de
Raidsonic versions IB-NAS5220 and IB-NAS4220-B suffer from authentication bypass and persistent cross site scripting vulnerabilities.
fe8f5e0eadcb9f646b6f562ce732f7187fcdd832bcb2a1a6a738e78ba597f151
This Metasploit module exploits a vulnerability in the Foxit Reader Plugin that exists in the npFoxitReaderPlugin.dll module. When loading PDF files from remote hosts, overly long query strings within URLs can cause a stack-based buffer overflow, which can be exploited to execute arbitrary code. This exploit has been tested on Windows 7 SP1 with Firefox 18.0 and Foxit Reader version 5.4.4.11281 (npFoxitReaderPlugin.dll version 2.2.1.530).
c450d4aab31791359842f4138d4d56fcaf0f328423e4c7eb05f96dcfe84d4a0e
Sonicwall OEM Scrutinizer version 9.5.2 suffers from multiple persistent script insertion vulnerabilities that can allow for cross site scripting.
58a2553eeb09eb1fb2fba9ea4f07d62b4521f18431bfed9b42718e241b4be423
An integer overflow vulnerability has been discovered in the EncoderParameter class of the .NET Framework. Exploiting this vulnerability results in an overflowed integer that is used to allocate a buffer on the heap. After the incorrect allocation, user-supplied buffers are copied into the new buffer, resulting in corruption of the heap. By exploiting this vulnerability, it is possible for an application running with Partial Trust permissions to break out of the CLR sandbox and run arbitrary code with Full Trust permissions.
06f18bdcf7bab4db2000ea8c23e48d5c1532aafa073d2ac911c6d0ee597b446d
OpenPLI Dream Multimedia Box suffers from cross site scripting and remote OS command injection vulnerabilities.
f5d4feb4ba89383043e9c71ed9f5ca9c4929fef7a2cf63360283140f9e11618c
Sparx Systems Enterprise Architect version 9.3.931 stores user passwords in the database simply XORed with the ASCII code of 'E17030402158' instead of using a generally accepted hash function.
c25188d280eb3f8571477e0523b4354dac7099bf2f4c645c9420dac26b66858f
OpenEMR version 4.1.1 suffers from an arbitrary file upload vulnerability in ofc_upload_image.php. Included is an exploit that triggers a reverse shell.
d0a9864906a133104e4d3b529af97354bc0bafe48d8e3362a233ef4042d769e6
AbanteCart version 1.1.3 suffers from multiple cross site scripting vulnerabilities.
f6cdec7ff54047b5f14ed33f5fce580b3c8203a334dd3c08bdb68641eda3d703
The Polycom HDX is a series of telecommunication and video devices. The telnet component of Polycom HDX video endpoint devices is vulnerable to an authorization bypass when multiple simultaneous connections are repeatedly made to the service, allowing remote network attackers to gain full access to a Polycom command prompt without authentication. Versions prior to 3.0.4 also contain OS command injection in the ping command which can be used to escape the telnet prompt and execute arbitrary commands as root. Full Metasploit module included.
d6c612cfdc86b1458e81dbbcb92971210f9f19604de9afd1da509ddb21eceac2
Transferable Remote version 1.1 for iPad and iPhone suffers from cross site scripting, remote command injection, and local file inclusion vulnerabilities.
6877edbaf520d3096e1f6a36769dac53f740caf0b99e3898e1a5b85af18136ef
Sonicwall Scrutinizer version 9.5.2 suffers from a remote blind SQL injection vulnerability.
9fe429f76aeb5253943a20e0ae97a9628967b1e8617af19736b039801eb83c17
This advisory documents the 17th PayPal bug bounty Vulnerability Labs received for a cross site scripting vulnerability.
c3159303306fc3e4bd5a3833fb174c160953470d614af33b1969327a5efddea0
BlackNova Traders, a web-based game similar to the BBS game TradeWars, suffers from a remote SQL injection vulnerability.
28605edf410233103f0f7af8034f289dd39d1d7fabc070d6319ec0488810bf6c
The Huawei Mobile Partner application has extremely loose access permissions, allowing anyone to replace the files with malicious binaries. Version 23.007.09.00.203 is affected.
293dca6309dc7013be9f809e31e314d539fdfa96c54c16f41c22d76ba79ed4d6
Brother HL5370 printers suffer from arbitrary command execution and trivial password guessing.
bb7dcc80515b1fae40d34587ce5811e48bdec93f2a09a9cdafe16aaaa95990b4
This Metasploit module exploits a vulnerability in the Novell GroupWise Client gwcls1.dll ActiveX. Several methods in the GWCalServer control use user-provided data as a pointer, which allows an attacker to read arbitrary memory and execute arbitrary code. This Metasploit module has been tested successfully with GroupWise Client 2012 on IE6 - IE9. JRE6 needs to be installed to achieve ASLR bypass.
2bb2812e974be928ec96a6f900361814c1ad01f386937d1ecad587eb0c260f83
osCommerce version 2.3.3 suffers from a cross site request forgery vulnerability.
6899dfd0aba24fae96fc8aca3b04644601579d6527c6c1b6a86f31ffeb009ade