POLLSolved version 1.5.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Support for this script is deprecated.
8d37108dc1944aac38df5b9bf07bc559d1b8b588512f97bfada3e2f3fe0ca082
PHP Vacation Rental Script version 7R suffers from cross site request forgery and cross site scripting vulnerabilities.
72e1c686d5cb411522987a046e67b02136896a062d2ff4b0efb2186d3c050b0a
FBZX versions 2.10 and below are prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial of service condition.
1139d7a917b3b4db146ac19726e7effe45dddb5b2933bb8ab5a30db268e6c332
WordPress WP Fastest Cache plugin version 0.8.4.8 suffers from a remote blind SQL injection vulnerability.
6aaa25369dc28e64c704e16742bd0b7ed07bbfcf0895809f6c442cf2f847c015
The install script for IBM Installation Manager version 1.8.1 suffers from a /tmp race condition.
61ddc1ecef489ff69c00edb7ed3182af444a773253d7beed708c57be0d98de12
Multiple Checkpoint.com subdomains suffered from cross site scripting vulnerabilities.
b045743d4a38a25084493dfc1460f3946c324bcbf543693134beed4eb46cbd10
YESWIKI version 0.2 suffers from a path traversal vulnerability.
176f5fdfb9343438426877060bd836d736a156e98bd8134c73d7599636d869c1
Jenkins version 1.633 suffers from an unauthenticated credential recovery vulnerability.
abde370dba2adfff37416fc0dc82c7e6cc006f60a37c64b8f148759a98875b7e
Huawei HG630a and HG630a-50 ADSL modems come with a default SSH admin password.
8fd45f788187d87ed0ce5fa88883d80a40f4edb047b7de04ef6a62b821397c0d
This Metasploit module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows you to upload arbitrary php files and get remote code execution. This Metasploit module has been tested successfully on WordPress Ajax Load More 2.8.0 with WordPress 4.1.3 on Ubuntu 12.04/14.04 Server.
11f7539e7ef47eff9d74ba4f4c35c661e3f3e8bfd87cbe2130c13dbb4e6eb011
TestLink version 1.9.14 suffers from a cross site request forgery vulnerability.
39f7ec2dfdf407f0782e906eebab9e38be681ca13f49a2d95361090f5468631a
TestLink version 1.9.14 suffers from a persistent cross site scripting vulnerability.
b46be8c0b8fb93b229267719e4d51695ead81f8d924cf7b2a0540380b2ef4098
Google AdWords API PHP client library versions 6.2.0 and below suffer from an XML eXternal Entity injection vulnerability.
6c9916344ebaa174cf5f48cf521868ab0c1c4407426a74e9439a33f3fc409164
Google AdWords API PHP client library versions 6.2.0 and below suffer from an arbitrary PHP code execution vulnerability.
718bc4c80011e0f627d4e11bfaf5b3cc7ec9ed3b9d1a3fe0996e87ba5f90a42d
A heap-based out-of-bounds memory read has been encountered in FreeType. It has been reproduced with the current version of freetype2 from master git branch, with a 64-bit build of the ftbench utility compiled with AddressSanitizer. Three proof of concepts are included.
98e8c4be3dc2aa55e2297273a7742b8e6dc7aafc1c27074f4f27654b18bf445e
NXFilter version 3.0.3 suffers from a cross site scripting vulnerability.
25d37f8adf5afa9c7c98764fff4c727777d4b671efb6c7a9a03dd0ec08335501
NXFilter version 3.0.3 suffers from a cross site request forgery vulnerability.
7bc6dd411cd4472cf1c1681c9e4ae97ab9d2970ba375615bec05bd0f544a3f2d
Arris TG1682G modem suffers from a persistent cross site scripting vulnerability.
70e106d63a4003aa9e12d8fb61f7ec4ce74fbeb02dc11f720d525857cdaf71ab
Solarwinds Log and Event Manager version 6.1.0 suffers from a remote command execution vulnerability.
1d41bb7d6cfb1f5a3165b5c57dacf9edcca07fe28c504326d8fdfa69cee8fba5
TheHostingTool version 1.2.6 suffers from a cross site scripting vulnerability.
0f401da323e6e37910a30851e200108c31e40c3255c3f525d6cb8912939fdb30
TheHostingTool version 1.2.6 suffers from a remote SQL injection vulnerability.
461869f2eed05289c8d027b2060643dcc2cdf7d04e3af495128646ba26cb7c48
TheHostingTool version 1.2.6 suffers from a code execution vulnerability.
6021bfb27e789e55e0282f5f98a9e078f25dceb84d1c522ed3a9a23fb0379ffd
SQLiteManager version 1.2.4 suffers from multiple cross site scripting vulnerabilities.
1d24197564600270877ac8c657a118af04f35d4fcaad0245bcabfea03640513a
Quick.Cart version 6.6 suffers from a cross site scripting vulnerability.
df2a8b0762e0a921098818a84bb66f2fbbc529ecd3aa1e677374729fb19cdd9a
Quick.Cart version 6.6 suffers from a cross site request forgery vulnerability.
7b2a945c39bafaadfb3aaa85da7d98387ba3e54d92d0f243f0702d272f349afc