POLLSolved version 1.5.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Support for this script is deprecated.
8d37108dc1944aac38df5b9bf07bc559d1b8b588512f97bfada3e2f3fe0ca082PHP Vacation Rental Script version 7R suffers from cross site request forgery and cross site scripting vulnerabilities.
72e1c686d5cb411522987a046e67b02136896a062d2ff4b0efb2186d3c050b0aFBZX versions 2.10 and below are prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial of service condition.
1139d7a917b3b4db146ac19726e7effe45dddb5b2933bb8ab5a30db268e6c332WordPress WP Fastest Cache plugin version 0.8.4.8 suffers from a remote blind SQL injection vulnerability.
6aaa25369dc28e64c704e16742bd0b7ed07bbfcf0895809f6c442cf2f847c015The install script for IBM Installation Manager version 1.8.1 suffers from a /tmp race condition.
61ddc1ecef489ff69c00edb7ed3182af444a773253d7beed708c57be0d98de12Multiple Checkpoint.com subdomains suffered from cross site scripting vulnerabilities.
b045743d4a38a25084493dfc1460f3946c324bcbf543693134beed4eb46cbd10YESWIKI version 0.2 suffers from a path traversal vulnerability.
176f5fdfb9343438426877060bd836d736a156e98bd8134c73d7599636d869c1Jenkins version 1.633 suffers from an unauthenticated credential recovery vulnerability.
abde370dba2adfff37416fc0dc82c7e6cc006f60a37c64b8f148759a98875b7eHuawei HG630a and HG630a-50 ADSL modems come with a default SSH admin password.
8fd45f788187d87ed0ce5fa88883d80a40f4edb047b7de04ef6a62b821397c0dThis Metasploit module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows you to upload arbitrary php files and get remote code execution. This Metasploit module has been tested successfully on WordPress Ajax Load More 2.8.0 with WordPress 4.1.3 on Ubuntu 12.04/14.04 Server.
11f7539e7ef47eff9d74ba4f4c35c661e3f3e8bfd87cbe2130c13dbb4e6eb011TestLink version 1.9.14 suffers from a cross site request forgery vulnerability.
39f7ec2dfdf407f0782e906eebab9e38be681ca13f49a2d95361090f5468631aTestLink version 1.9.14 suffers from a persistent cross site scripting vulnerability.
b46be8c0b8fb93b229267719e4d51695ead81f8d924cf7b2a0540380b2ef4098Google AdWords API PHP client library versions 6.2.0 and below suffer from an XML eXternal Entity injection vulnerability.
6c9916344ebaa174cf5f48cf521868ab0c1c4407426a74e9439a33f3fc409164Google AdWords API PHP client library versions 6.2.0 and below suffer from an arbitrary PHP code execution vulnerability.
718bc4c80011e0f627d4e11bfaf5b3cc7ec9ed3b9d1a3fe0996e87ba5f90a42dA heap-based out-of-bounds memory read has been encountered in FreeType. It has been reproduced with the current version of freetype2 from master git branch, with a 64-bit build of the ftbench utility compiled with AddressSanitizer. Three proof of concepts are included.
98e8c4be3dc2aa55e2297273a7742b8e6dc7aafc1c27074f4f27654b18bf445eNXFilter version 3.0.3 suffers from a cross site scripting vulnerability.
25d37f8adf5afa9c7c98764fff4c727777d4b671efb6c7a9a03dd0ec08335501NXFilter version 3.0.3 suffers from a cross site request forgery vulnerability.
7bc6dd411cd4472cf1c1681c9e4ae97ab9d2970ba375615bec05bd0f544a3f2dArris TG1682G modem suffers from a persistent cross site scripting vulnerability.
70e106d63a4003aa9e12d8fb61f7ec4ce74fbeb02dc11f720d525857cdaf71abSolarwinds Log and Event Manager version 6.1.0 suffers from a remote command execution vulnerability.
1d41bb7d6cfb1f5a3165b5c57dacf9edcca07fe28c504326d8fdfa69cee8fba5TheHostingTool version 1.2.6 suffers from a cross site scripting vulnerability.
0f401da323e6e37910a30851e200108c31e40c3255c3f525d6cb8912939fdb30TheHostingTool version 1.2.6 suffers from a remote SQL injection vulnerability.
461869f2eed05289c8d027b2060643dcc2cdf7d04e3af495128646ba26cb7c48TheHostingTool version 1.2.6 suffers from a code execution vulnerability.
6021bfb27e789e55e0282f5f98a9e078f25dceb84d1c522ed3a9a23fb0379ffdSQLiteManager version 1.2.4 suffers from multiple cross site scripting vulnerabilities.
1d24197564600270877ac8c657a118af04f35d4fcaad0245bcabfea03640513aQuick.Cart version 6.6 suffers from a cross site scripting vulnerability.
df2a8b0762e0a921098818a84bb66f2fbbc529ecd3aa1e677374729fb19cdd9aQuick.Cart version 6.6 suffers from a cross site request forgery vulnerability.
7b2a945c39bafaadfb3aaa85da7d98387ba3e54d92d0f243f0702d272f349afc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed