Webgrind version 1.1 suffers from a cross site scripting vulnerability.
SolarWinds Network Performance Monitor suffers from an open redirection vulnerability.
Pluck CMS version 4.7.2 suffers from a directory traversal vulnerability.
Jackrabbit versions 2.x suffer from a WebDAV XXE injection vulnerability. Included are details and patches.
Coppermine Gallery version 1.5.34 suffers from cross site scripting, open redirection, and directory enumeration vulnerabilities.
Newsletter version 4.3 suffers from a remote SQL injection vulnerability.
WordPress WP Photo Album Plus plugin version 6.1.2 suffers from a cross site scripting vulnerability.
Microsoft Windows versions 8.0 and 8.1 on x64 TrackPopupMenu privilege escalation exploit that leverages the vulnerability documented in MS14-058.
Hikvision DS-7108HWI-SH suffers from XML injection and abuse control vulnerabilities.
HiDisk version 2.4 suffers from cross site scripting vulnerabilities.
Comodo GeekBuddy, which is bundled with Comodo Anti-Virus, Comodo Firewall, and Comodo Internet Security, runs a passwordless, background VNC server and listens for incoming connections. This can allow for at least local privilege escalation on several platforms. It also may be remotely exploitable via CSRF-like attacks utilizing a modified web-based VNC client (e.g. a Java VNC client).
ZOC SSH Client version 7.03.0 suffers from a buffer overflow vulnerability.
Simple Invoice version 2011.1 suffers from a cross site request forgery vulnerability.
Eisbar SCADA suffers from a malicious script insertion vulnerability.
Simple Invoice version 2011 suffers from a persistent cross site scripting vulnerability.
DirectAdmin version 1.48 suffers from a cross site request forgery vulnerability.
Clickheat version 1.13 suffers from a remote command execution vulnerability.
IPsec-Tools version 0.8.2 suffers from a null dereference that can result in a denial of service against the IKE daemon. Exploit and advisory included.
Wise-FTP version 8.0.2 suffers from a DLL hijacking vulnerability.
Xamarin for Android prior to version 5.1 suffers from a DLL hijacking vulnerability.
Staff-FTP version 3.04 suffers from a DLL hijacking vulnerability.
WordPress FeedWordPress plugin version 2015.0426 suffers from a remote SQL injection vulnerability.
Milw0rm Clone Script version 1.0 suffers from a remote SQL injection vulnerability.
ZTE AC3633R suffers from authentication bypass and denial of service vulnerabilities.
This proof of concept exploit prints out the current status of the PLC continuously, every 0.1 second. After 3 seconds it reverts (start becomes stop, stop becomes cold start), and it stops after 5 seconds.