FlatNuke versions 3.1.x and below suffer from a cross site scripting vulnerability.
5a24e71816224fb41d555208fcaab69216971ec2ba44033ca2958711ffde12caSafari version 8.0 on OS X 10.10 crash proof of concept exploit.
437eafb52bef71c294744b306d459d357ec21d1f6d232fc3c079998fd5a24784D-Link DCS-2103 suffers from path disclosure and directory traversal vulnerabilities.
8a1b364b3a3e47f5f519c83bb9ae78b5440d137f047bc090cd3015b9cf12f0b3Planet Source code suffers from URL redirection, cross site scripting, remote file upload, and remote SQL injection vulnerabilities.
08ccbd2d051bcbffef50f9d6c06e60df15faee3476135babf9dd60a3950d3d1cProticaret E-Commerce Script version 3.0 suffers from a remote SQL injection vulnerability.
bd5d7654d4fd1b54122c71873d9e0f021e90c28e8004489851ec54a5409d888aGogs markdown renderer suffers from a cross site scripting vulnerability. Versions 0.3.1-9-g49dc57e are affected.
f4ed141215063e5aa1d383bf0253f2da4d53f16ac3236dd18eebfb6ef1c26dc4Gogs suffers from a remote unauthenticated SQL injection vulnerability via repository search. Versions 0.3.1-9-g49dc57e through 0.5.6.1104-g0c5ba45 are affected.
75a30ce63d077066f565a7c16174dcf041cb8db82fd902166167eaf3fedc1808Gogs suffers from a remote blind SQL injection vulnerability via label search. Versions 0.3.1-9-g49dc57e through 0.5.6.1024-gf1d8746 are affected.
2851ea458aa2e82aaa0a27096e36b5135119f31a01be29a5ad53a9467291bfa2Atlas Systems Aeon versions 3.5 and 3.6 suffer from a cross site scripting vulnerability.
9ba04841645a78bda5e98d5917531ade59b39c79cb2d4828e6134f5a2d31375aGoogle's DoubleClick suffers from open redirection vulnerabilities.
c23752baac6dd86cbf0176e6fdab70b9a1f185b1490d25b9a4eff4e7a5816ba2Pandora FMS version 5.1SP1 suffers from a cross site scripting vulnerability.
1d2359ceb00b99d37b461e40a33a97a4fe449239c6784b1386e31c6752f50d8aOSSEC version 2.8 suffers from a privilege escalation vulnerability via insecure temporary file creation.
332b68c81e70da70ebe0fdd5bb80f7cf99f639232aa5b944919b393533981fcbThis Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, bypassing the patch MS14-060, for the vulnerability publicly known as "Sandworm", on systems with Python for Windows installed. Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. Please keep in mind that some other setups such as those using Office 2010 SP1 may be less stable, and may end up with a crash due to a failure in the CPackage::CreateTempFileName function.
98f844496d43dbf5a1ce7018422d72a76de82b8bafeead5008c67a30054879fdMyBB versions 1.8.1 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
d2831c09fb98312458a15b01dea782086d5dbef7931a614feb632379185db28cDigi Online Examination System version 2.0 suffers from a remote shell upload vulnerability.
f4913846e2a4ef9da4fd1637116121697e047ae77978d936fc3a3c8fa24a1825Mouse Media Script version 1.6.0 suffers from a stored cross site scripting vulnerability.
9bd45d892cefca1ccd97f12064adcdccdc46d6ba039a2cfc0cb41b78b22fe4e5Esotalk CMS suffers from a cross site scripting vulnerability.
426b2a3130a36ea5b3de2f2855da80f068e88fd9e639135153ea7097754de135Serenity Client Management Portal version 1.0.1 suffers from a stored cross site scripting vulnerability.
1782a2875c2b21cc946c66f6e5cb34da9592b5108bffec951aaa36b484595522phpSound Music Sharing Platform version 1.0.5 suffers from multiple cross site scripting vulnerabilities
1ae73d636017b49c679573513259adb0882c02129b5d8004898e8ae43f7829f1WordPress SupportEzzy Ticket System plugin version 1.2.5 suffers from a stored cross site scripting vulnerability.
2f89b65717afb33161b3fa89fe8224f3f1ba65b3f2e38c1b28f79f9277acbb1fWho's Who Script suffers from a cross site request forgery vulnerability.
47f9a3f742cf238fe2b35e17df618c2251aafa10b62f1517868c27f5feaa4662This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly exploited in the wild as MS14-060 patch bypass. The Microsoft update tried to fix the vulnerability publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. And please keep in mind that some other setups such as using Office 2010 SP1 might be less stable, and sometimes may end up with a crash due to a failure in the CPackage::CreateTempFileName function.
22d50e4cf87dbb4ac9f6d51a9b1c21edb0ba7405f489b927842967eda685d577This Metasploit module exploits the Windows OLE automation array remote code execution vulnerability. The vulnerability exists in Internet Explorer 3.0 until version 11 within Windows 95 up to Windows 10.
9f3d76c6deb7093d4abe28ad57a0baaa94e5d5aac7b91cda94946db86e90b217Joomla HD FLV component version 2.1.0.1 suffers from a remote SQL injection vulnerability.
733162606ba1c6d3ad296a0f60b1de5ca10abf359fa141da227db38f94650974The Joomla Eventbooking component suffers from a cross site scripting vulnerability.
9b50f14aee44e44f20b0a4a6c605e2468e48bfe13ddce60537854cd9cb83ea26
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed