Plone CMS suffers from a URL redirection credential disclosure vulnerability.
c8126f47351b05580931419b3561fe0a88c1f95cf8946c7dcd4656a6d3036dc7
bloofoxCMS version 0.5.0 suffers from cross site request forgery, local file inclusion, and remote SQL injection vulnerabilities.
668beef15d4f8f90dfb10c1735f36d023ec89384dee1488778317af0eb2ea645
Enghouse Interactive IVR Pro (VIP2000) suffers from a remote root authentication bypass vulnerability due to a backdoor private/public ssh key being on the systems.
9a973cc7a8a5306a32bf2e720f7349327145d6bf719e12f5ffffa787228cb573
bloofoxCMS version 0.5.0 suffers from a cross site request forgery vulnerability that allows for PHP code injection.
988e6ee3eaf925c583a5a4974787622711445dbe0b89779c4e5cc37dd851f755
ManageEngine EventLog Analyzer version 8.6 suffers from a cross site scripting vulnerability.
fb2b863e3a6c89be1bed5b157e455b433c0efa45b5c8a60e740a73a619b3c3ba
haneWIN DNS Server version 1.5.3 suffers from a denial of service vulnerability.
fd11894f27db6ea3d16ce79549c8d30b70900e68f2b0ffdfe964f4db55ce894b
Joomla Sexy Polling extension version 1.0.8 suffers from a remote SQL injection vulnerability.
386f633addc7fcd69c71714e10ca43a9577c114d2f48bae9ca88cbf0936b85a3
Ajenti version 1.2.13 suffers from a persistent cross site scripting vulnerability.
f2384d32b3cba7169334e5e7866064ae6d12640e7c4f7b1f468bed3c547f1f20
DomPHP versions 0.83 and below suffer from a remote SQL injection vulnerability.
cb2dcf35ad0fd792e1f894e8174876bc0f117e63ac62244dd54a12a0b864d723
SmarterMail Enterprise and Standard versions 11.x and below suffer from a persistent cross site scripting vulnerability.
2ed7fdcafc2c32f5180ce94a972dd1a299b8ef19a252dc6474a6b3e1d1d65458
XAMPP version 3.2.1 suffers from a cross site scripting vulnerability.
7e4de4aa57bfb79c844e7b693a14cc3809880e3e4222a8e2b4765d28905bc3cf
Q-Pulse version 0.6 suffers from a cross site scripting vulnerability.
aeddee49f18b63a3ba201fb1edece17f1012a2441aad502132c7694694ce86db
Vacation Rental Script version 3.0 suffers from file disclosure, cross site request forgery, and cross site scripting vulnerabilities.
0a5e63d846266b7f8ce568eb5fb1d48f4ca2ea10715cc7d83810fba312734bda
Vacation Packages Listing version 2.0 suffers from local file disclosure, cross site request forgery, and cross site scripting vulnerabilities.
2bdf5252a437ed9b82fc9a36984e8ce2950adc00f97d72f42e80839b21d2f155
Collabtive version 1.1 suffers from a remote SQL injection vulnerability.
4ccd9392451157e07b80a97d674467a3ad3cd4c6211a3ac5eb02251e20a3f80d
Feixun wireless router model FWR-604H suffers from a remote command execution vulnerability.
a4d469886a452ba3ca6841d255b83c33a9d2eb192562894a501300d27c415c3a
Starbucks mobile application version 2.6.1 stores user credentials in the clear.
f357262cd9b2c84a1496c59559c4d8a36bac082c31aa8a2cd66a36eea00f39b0
Hootel Booking System version 3.0 suffers from file disclosure, cross site request forgery, and cross site scripting vulnerabilities.
f11147ea6f2aed760f4ad6a0e7accb507d0036a71ce14fc127752e18bebeb542
Property Listing Script version 2.0 suffers from a cross site request forgery vulnerability.
e80ab65a3f1d49557eb6f680730572fdfee9645a2c0d6934525c5217d5c4221b
Pet Listing Script version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
4b171a2301b674180ecc85661048b60eafae8407b2cc0708295835dc4ad7f961
Web eXperts suffers from remote shell upload and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
29a0b07f364907ca5a8f9f9460b45a293c40de6d5feebac7fb0362ac7a1255f0
SoapUI versions prior to 4.6.4 suffer from a remote code execution vulnerability.
fdafc7da1814b9291ce4fb8a036001c106992cd441f8dafe7c706b07de221cbf
Netgear WNR1000v3 routers suffer from a flaw in the password recovery flow that allows for disclosure of the plaintext router credentials. The flaw was reported to Netgear in April of 2013 and the vendor has yet to issue a patch. Included is a proof of concept exploit.
10ceab3cf4e7cbcfbcc0663fea13a84947509762cb859ef415f65fff661f9866
Auto Classifieds Script version 2.0 suffers from a cross site request forgery vulnerability.
f4f0fffe69805f55c03dd4a31592eafbfc1421a48ec87d99f775c50b1aad2ad3
Job Listing Script suffers from cross site request forgery and cross site scripting vulnerabilities.
b2338f2a886d952aed1cde8bf6be26f46771fabd7fff42691f37fb3b50f7c6b6