Apadana CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
122e5a72a6b60aa528956dc8cfaaad8b4971a382ce424a8ef9fd8aabae24348d
WordPress Html5 Mp3 Player with Playlist plugin suffers from a path disclosure vulnerability.
a395f8e1632fe09c9796015a953289ca7779ef8883cfb4207f74d122ee0bf176
The TRENDnet UltraCam ActiveX Control UltraCamX.ocx suffers from a stack buffer overflow vulnerability when parsing large amount of bytes to several functions in UltraCamLib, resulting in memory corruption overwriting several registers including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code. Versions TV-IP422WN and TV-IP422W are affected.
2d39a4ea21cf4afd0410a9a41c0e154ff98477ea7f9cd599dc79603605eed5e2
Mozilla Firefox 3.6 is prone to a use-after-free vulnerability in OBJECT mChannel that allows an attacker to execute arbitrary code.
63492638eb8f2df03de0dbf8395d34343238283febf9e9f33e6d25a0779b6e12
KMPlayer version 3.9.1.130 suffers from an integer division by zero denial of service vulnerability.
46e4225ba329eb3a05698c03f7d702576a31704dd6310911a1965c1518569b5d
This is a proof of concept that demonstrates how the Bash shellshock vulnerability can be used in PHP to bypass disable_functions, safe_mode, etc.
b9bd9444e5105c1afeb7ec6b5e23447262e07246b635b19251ef95b61a88d237
WordPress wpDataTables plugin versions 1.5.3 and below suffer from a remote SQL injection vulnerability.
87a417e5238d97fe9035e045c94dfd0fcf4fb3ff779079cb6b1d8e8d37e03b1d
WordPress wpDataTables versions 1.5.3 and below suffer from a remote shell upload vulnerability.
4c0eecc8ed8af779770866bde670598a67953b0d2cf85eb5d22da1857bc1698c
The TP-Link WR740N Wireless N Router network device is exposed to a denial of service vulnerability when processing a HTTP GET request. This issue occurs when the web server (httpd) fails to handle a HTTP GET request over a given default TCP port 80. Resending the value 'new' to the 'isNew' parameter in 'PingIframeRpm.htm' script to the router thru a proxy will crash its httpd service denying the legitimate users access to the admin control panel management interface. To bring back the http srv and the admin UI, a user must physically reboot the router.
2d5c67ad258cb6a1494990593e63c87d83f8cc8189f29863e2a405a87135f8cc
RobotStats version 1.0 suffers from an html injection vulnerability.
7334dff97c02fb6a3cbce85a0c35231f6db8854176882e8b32bd7555de203734
RobotStats version 1.0 suffers from a remote SQL injection vulnerability.
e4b88798aa77e59599613244d7d2d36b46a5acdcf0feb48cd953f4e277596bd4
WordPress WP-DB-Backup plugin version 2.2.4 suffers from a backup stealing vulnerability.
3f691ce1016dc80d468a5d6b6fae84df98d2312687594d4614b84f2d81dce5ec
FluxBB versions 1.5.6 and below suffer from a remote SQL injection vulnerability.
4b488418ebb74cff213944590b373890d3c07b58541f387aae4d4d478f269955
Privacyware Privatefirewall version 7.0 suffers from an unquoted search path issue impacting the Core Service 'PFNet' service for Windows deployed as part of Privatefirewall bundle. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
72c60aa352044f0a19f6a1f7017aca854db891e8955383cd6a110d5872cf10ce
The Netgear Wireless Router WNR500 suffers from an authenticated file inclusion vulnerability (LFI) when input passed thru the 'getpage' parameter to 'webproc' script is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks.
6b1cac42339ed6d753c18f9439e8f09185a5a002e722156840b34f1b66a6a123
Supr Shopsystem version 5.1.0 suffers from a persistent cross site scripting vulnerability.
d239919808c42bcfd73d9a1bdc41e0e79ba071ea4ba1128d751cd075c2db8070
WordPress SP Client Document Manager plugin version 2.4.1 suffers from multiple remote SQL injection vulnerabilities.
b18e6e4b484a312dbda33b1e6f7d610706ece1a457666fdd2cd58a06ceab8864
Booking.com suffers from an open redirection vulnerability.
f2358fbee6f5af6b154336cd6f1cd85ff2e91030dd22a7ffc1202c127a773e86
Zenario CMS version 7.0.2d suffers from cross site scripting and open redirection vulnerabilities.
544d76bbfe2ee7fe1e09e322e7b0f4b627b274a70c83144675ce569ff75ff7a6
Microsoft Internet Explorer OLE Pre-IE11 automation array remote code execution / powershell VirtualAlloc MS14-064 exploit.
d3053b664458c408fee9df099a23f568d9bd4a2935dc2bc5f92cc1ab8dda07aa
This Metasploit module exploits a buffer overflow in the RTSP request parsing code of Hikvision DVR appliances. The Hikvision DVR devices record video feeds of surveillance cameras and offer remote administration and playback of recorded footage. The vulnerability is present in several models / firmware versions but due to the available test device this module only supports the DS-7204 model.
6b2b9a85fb38d16071b6b342c045ffee4f7eec319cde44c45f5692a33a084002
Core Security Technologies Advisory - Advantech EKI-6340 series is vulnerable to an OS command injection, which can be exploited by remote attackers to execute arbitrary code and commands, by using a non privileged user against a vulnerable CGI file.
a64726d244d547419fa3a47c114cb81761f6e477ec05f980a3199ab9e0a55aca
WordPress CM Download Manager plugin versions 2.0.0 and below suffer from a code injection vulnerability.
85816724b146fa7f598695ab683a2371e3a701ba19011ec52740b1d217e59ab4
PHP version 5.5.12 suffers from a memory corruption vulnerability that could potentially be exploited to achieve remote code execution. The vulnerability exists due to inconsistent behavior in the get_icu_value_internal function of ext\intl\locale\locale_methods.c. In most cases, get_icu_value_internal allocates memory that the caller is expected to free. However, if the first argument, loc_name, satisfies the conditions specified by the isIDPrefix macro (figure 1), and fromParseLocal is true, loc_name itself is returned. If a caller abides by contract and frees the return value of such a call, then the pointer passed via loc_name is freed again elsewhere, a double free occurs.
e1dcadb447af1ab80dabe070ca75aed52d71efed2b43a7c6a34d21061054de25
Paid Memberships Pro version 1.7.14.2 suffers from a path traversal vulnerability.
4e6d1b287ebd0d181c3762de6568c6062d1da3e10e5905bef16c7bcb93e2e928