WordPress Slider Revolution Responsive plugin versions 4.1.4 and below suffer from an arbitrary file download vulnerability.
5741a1911337aab8b63be960a0944a5df6cd526dcc7be9097e32d2f40cfaa290
Sagem F@st 3304-V1 suffers from a denial of service vulnerability.
089e8d0a65adc5f8eab0b71bb5f705b88968a278bc59b169bca15e150f1b2b50
Some products from dtSearch Corporation suffer from DLL hijacking vulnerabilities.
87e83a726c488205e1c94f35efd7cb24908ceba7d6b5cee6a82f172f67229fee
WordPress Lead Octopus plugin versions prior to 1.1.1 suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data. NOTE: The author of this plugin has contacted Packet Storm and claims they have fixed this issue as of 2014/12/07. The fixed version is 1.1.1.
e229e4737c7358e8d3d774eb912c332444859671ff6cfb1f926797bc8f4fcf09
WordPress FBGorilla plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
f89f508dfe6ffe796d290addc918b30d1491a26d310f6cc72ac228fda1c72c98
Netgear DGN2200 with firmware version 1.0.0.29_1.7.29_HotS suffers from a password disclosure vulnerability.
fe3616ab9fc7139749487df4bffe5aaae99e953e9bed6452c87d511fe27628fb
Moodle version 2.7 suffers from a persistent cross site scripting vulnerability.
959eea10516335cfd227b085fe290db6e24c09b51b65eae621a5fba7876d90e6
Zenoss Monitoring System version 4.2.5-2108 64-bit suffers from a persistent cross site scripting vulnerability.
b6b364b0ca0afa7eba0ab172d073556261e1df677443861f1f420ec11a947851
Easy File Sharing webserver suffers from a persistent cross site scripting vulnerability in the forum messages.
5fc2edb57adb417649cbb0813d961bc52ba43a0b6708d698727e55ceb5ae4c10
A vulnerability within the MQAC.sys module allows an attacker to overwrite an arbitrary location in kernel memory. This Metasploit module will elevate itself to SYSTEM, then inject the payload into another SYSTEM process.
c3dce854c36c28e545304c300892721f5fed0a84228f0ce24204cc34d072d2a6
BulletProof FTP Client 2010 suffers from a buffer overflow vulnerability.
a3e7475d74bd6f99e53fd8483d4127bbad6e74912100255cd47b89d09a52540d
Ubiquiti AirVision Controller version 2.1.3 suffers from an overly permissive default crossdomain.xml file.
6318c6697c238ece9eeaeec23969f86bf02a5ced36a26fc6cec3e4b648f18ab6
Ubiquiti UniFi Controller version 2.4.6 discloses the administrative password hash via syslog messages.
597a700074a9e5cd6247e5ed9af269ba563e594e93c3abd71b128f81eabf405e
Pligg versions 2.0.1 and below suffer from remote SQL injection, path disclosure, and remote command execution vulnerabilities.
1106d40e63dfda0f4c08b105daf37ddbcff5e05e6e778d344963e51577050f2a
Parallels Plesk Panel version 9.5 with Sitebuilder 4.5 suffers from bypass, file download, shell upload, and cross site scripting vulnerabilities.
83b4cbbdfd10cf94646d23defcb68ffc78fee068d10cb70d6204e6c4c6d7f949
Make version 3.81 heap overflow proof of concept exploit.
14b0b140bd73a1914aa006a6dd5d4e0cde53830c36bf9682c1ad8162aa589d61
Lian Li NAS suffers from hard-coded cookies, authentication bypass, backdoor accounts, privilege escalation, and various other vulnerabilities.
3beb9f254b611e2bd928ddade1f770e4ee79355c995275396c0bd8b3574ada1d
Omeka suffers from an authenticated arbitrary PHP code execution. The vulnerability is caused due to the improper verification of uploaded files in '/admin/items/add' script thru the 'file[0]' POST parameter. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that will be stored in '/files/original' directory after successfully disabling the file validation option (or adding something like 'application/x-php' into the allowed MIME types list) and bypassing the rewrite rule in the '.htaccess' file with '.php5' extension. Versions 2.2.1 and 2.2 are affected.
0a1342ee773203c952cf130020bde67a3a822d5d3ee8eec7f9380b7a27d2f503
Ubiquiti Networks UniFi Controller version 2.4.6, mFi Controller version 2.0.15, and AirVision Controller version 2.1.3 suffer from a cross site request forgery vulnerability.
cf5d956415dfe69bd227bf92fe0ee5baa564b421821ec63c1aeec8494b6581f5
WordPress Video Gallery plugin version 2.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
fa03954d2dcdb36b2c9e8c2703248818216e1246ba65e78aacd009799544085f
Windows Mail will execute a rogue program if it is sitting at C:\Program.exe.
f3534d160722b0c8512076ca40f68dc52eb9958ad735b147cbbd847d80bd678a
E2 version 2844 suffers from a remote SQL injection vulnerability.
63913ddb814634966361c1f31d81e76051565a5ad0dff9f9eb82add59af7c65f
CMS VIA-X suffers from a remote blind SQL injection vulnerability. Note that this finding houses site-specific data.
c576b69c2407c32e44d916f75ae68e671126b59ddd77b7b21af755f15504f105
Ukora CMS suffers from a remote shell upload vulnerability.
4939be5f0624ca40f27c3c657fb7fdd215ccd01bc9e2bf573955798f67f0fd80
DELL SonicWALL GMS version 7.2 build 7221.1701 suffers from multiple reflective cross site scripting vulnerabilities.
8c628a32636a204c5621e732a5912dbe9bec353645b48fb912eabe6942908969