Media Player Classic versions 1.3.1752.0 and 1.3.1249.0 suffer from a memory corruption vulnerability.
72e6905bded58af15f52c4ad05f745542da4e23e0dc7247a727672389e3adbcf
CGR BRASIL CMS suffers from a remote SQL injection vulnerability.
527dde2e24f1d000e533c516a9df7e090f7841c90a7a5cd268ea4f3be425586a
Teracom Modem version T2-B-Gawv1.4U10Y-BI suffers from a cross site request forgery vulnerability.
71a9b2c66933bf72c54243b81d3d232f58e712e9916da09ea4b19a2ca29156a6
PTCeffect version 4.6 suffers from local file inclusion and remote SQL injection vulnerabilities.
046f7baad0df2c97db124b073305bfd7178fb7f8669b3f780317d7b7cd245fde
WordPress WP JS External Link Info plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
2ef7d352f427a842088de677084fa9899cee9258a7e93dc579f0735225b1b6cd
DuBose Web Group CMS suffers from a cross site scripting vulnerability.
71fc0768bde71f8ebbdbbe0c157814ad3cc0a5fa917f48b9bb50ab643d3f4771
CMS Morpheus suffers from a remote SQL injection vulnerability.
8d433affecbd9083d6d0d5ca8cfe33d5979b68bdbcdc7f1c99de36806ed33f5e
Wapoweb suffers from a remote SQL injection vulnerability.
feaf5ba80725f4f6e2ddd10437fe2b53cbb2c78f89802475d977337e593513be
Indeziner CMS suffers from a cross site scripting vulnerability.
717c52498e9ce4c54be05a50b667515fa0a0f0fb8e8c1d545452c7a08217743b
This Metasploit module exploits a vulnerability found in the ActiveX component of Adobe Flash Player before 11.5.502.149. By supplying a specially crafted swf file with special regex value, it is possible to trigger an memory corruption, which results in remote code execution under the context of the user, as exploited in the wild in February 2013. This Metasploit module has been tested successfully with Adobe Flash Player 11.5 before 11.5.502.149 on Windows XP SP3 and Windows 7 SP1 before MS13-063, since it takes advantage of a predictable SharedUserData in order to leak ntdll and bypass ASLR.
b765e1a53957bbf2df1ce33a8e36732231faa2f5864b98a4ceb6d3e0804e069a
Ruby Gem sfpagent version 0.4.14 suffers from a remote command injection vulnerability.
381d86b6c936ec04601fb4ec173464e5e28efd43a987894099a5abbcdeb655d0
CU3ER versions 1.24 and below suffer from cross site scripting content spoofing vulnerabilities.
6e86c459b99e38a55fab63fd691e103dbb0af2c70d819ef4ac0d021fcf4e9003
Proof of concept exploit that reactivates a backdoor on TCP/32674 of Sercomm systems.
22254a656151627a28c31ff9c661202ab542ce9aa03cb3f73756d08f545e756d
Linux group_info refcounter overflow memory corruption denial of service exploit.
447c31527aa6360e89965d7a1ef8a8ee43cc54a779a511209bc4f64815f1227e
vBulletin version 5.1 suffers from multiple cross site scripting vulnerabilities.
b4526db8b9f3e784a8e3d60a613cf3197b0d51e48b0129a6da0f920693f62a15
D-Link DAP-1320 wireless range extenders suffer from cross site scripting and directory traversal vulnerabilities.
77b810526b2243160b03793dfdb3c3585e5ec7325808307c5d7dc5f0e4ec20bd
F-Secure Messaging Security Gateway version 7.5.0.892 suffers from a reflective cross site scripting vulnerability.
1ebe4673c3131e4294001e8442564433f1c1492f36c6fab08541b4faaba0b2bb
Nagios Remote Plugin Executor (NRPE) versions 2.15 and below suffer from a remote command execution vulnerability.
035764b6de0406994622b53a57f33221624085f4e55263d2f7452b0cfbc8b3ed
CMSimple versions 4.4.2 and below suffer from a remote file inclusion vulnerability.
f91d039649d0d7455138e22a97cb9bbde986f51fffebbd0a62328e6e857ccbea
Jzip version 2.0.0.132900 structured exception handler (SEH) unicode buffer overflow denial of service exploit.
a6e85747e12c5a2bb932271a468a9287a562d49c9948a9fb730c4886698b8934
ASUS RT series of routers disclose administrative credentials.
8772a0c6d1603fbc6b5d100af4cf6abccf78190e836b3ada0d1b5bdd764b4937
Core Security Technologies Advisory - SAP Router is an application-level gateway used to connect systems in a SAP infrastructure. A vulnerability have been found in SAP Router that could allow an unauthenticated remote attacker to obtain passwords used to protect route entries by a timing side-channel attack.
67534b1aa55c4ebc99ebad2f7db41847f6e0a096fd1ef794897091693aa6aa8a
MobFox mAdserver version 2.0 suffers from a remote SQL injection vulnerability.
469bad10763b6818af316c907c21b5437b0335df565f56c9356dd44dd0cce242
Ektron CMS version 8.7 suffers from a cross site scripting vulnerability.
9637b8b1c6742cd767c5158770127fe5062c9de9308e72ad987388ac7dba136b
CMS Studio suffers from a cross site scripting vulnerability.
f33f9d853dd9b613db5cbd03c7aed249f72f61b514909503612db63af377ca1e