Exponent CMS version 2.3.5 suffers from multiple cross site scripting vulnerabilities.
6a585b0745893b5ede86522555e556bf41c3aa59e50576817c204b6240bf2ae1
ImpressCMS versions 1.3.9 and below suffer from a remote SQL injection vulnerability.
61197cfbac59fcda7b4cf54107bb9e3be6d92521823d8c532388723addffcece
OpenTSDB suffers from a remote code execution vulnerability.
ef629a5afda4799864a0738de815ff969d73a1592c4e3b2c08cc18011241292a
Webutler CMS version 3.2 suffers from a cross site request forgery vulnerability.
c60c42cc4336feb6ee9c83dcae2abc556f909850f348817fea74aa3881349b35
WordPress iThemes Security suffers from insecure backup and logfile generation vulnerabilities.
e3308d1fef8c8d026f085134a8bb431d3946592ebc3e93771257b503662abd8d
phpMyFAQ versions 2.8.26 and 2.9.0-RC2 suffer from a cross site request forgery vulnerability.
b4b19a666863c0731be2d532693b5b2ccf810e9441b2e6245193a4737cfe146a
PHPBack version 1.3.0 suffers from a remote SQL injection vulnerability.
1a3563c8cb984719a04c95e92c88dc0bf4dedddfdd2d12d48fd0726d019c8872
Oliver versions 1.3.0 and 1.3.1 suffer from reflective cross site scripting vulnerabilities.
432496911f1411e7822f0277e55dc6ffd1625b86f2ba47830b95a792365b7b98
The attached testcases crashes Windows 7 64-bit while attempting to write to an unmapped memory region. On 32-bit Windows 7 it triggers a null pointer read.
d89d761020ed70dcb07f77ce385b34df9657da7e12a58b54828167ae00247fe1
pgpdump version 0.29 suffers from an endless loop parsing issue that can lead to a denial of service.
ca2cebf5bbc203a10cddb4380a1efb60238193332dfe72831f57c0aef4db21f2
G-Data security products suffer from a DLL hijacking vulnerability.
29c328336f7c955d9cb79a397d3a0fdbdb4936d0cfcc3774ef65a1fcb51f5029
TH692 Outdoor P2P HD waterproof IP camera version 16.1.16.1.1.4 has hard-coded static credentials.
141e6fc8fa6f27193da146b37b4fad682409c18fe27a6bf277802c640bf96ffc
modified eCommerce version 2.0.0.0 revision 9678 suffers from a remote blind SQL injection vulnerability.
898d196aa6856b4b29222a4cf125a7129f1b35d9d6a0fabeb0d692ba81d58813
WordPress Kento Post View Counter plugin version 2.8 suffers from cross site request forgery and cross site scripting vulnerabilities.
c6f47f562012073725028c93b65d759d102f93f5ecb06b28f3e4ff0ba57bc4d0
WordPress leenk.me plugin version 2.5.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
eca102ef78770490471423f7dd6c4747ffdabb9b064c2ad32f5dd476ec500b4c
This Metasploit module exploits an authenticated arbitrary file upload via directory traversal to execute code on the target. It has been tested on versions 6.5 and 7.1.0, in Windows and Linux installations of Novell ServiceDesk, as well as the Virtual Appliance provided by Novell.
afb4d4be28fcad92ea6a38d635b3b06845a31d2df0ef58120226aa7d288d0c15
Zarafe.net CMS version 1.0 suffers from a remote SQL injection vulnerability.
e3345b31b6f1ea138abf617578aa72c6ecba8aa0faec9735f214e7f72d3f7a47
KNOX versions 1.0 through 2.3 on Android suffer from a clipboard data disclosure vulnerability.
a7a3fc37dbd8a7af8e282177066142c6a552f92d788ad7e147aad0c8516323e5
Webnet CMS version 1.2 suffers from cross site scripting, file disclosure, and remote SQL injection vulnerabilities.
c5a7ce234114c1027ecef248a17823db5c62230936fcd70c73b45c71b8f63e18
PfSense Community Edition versions 2.2.6 and below suffer from cross site scripting, code injection, and cross site request forgery vulnerabilities.
a1cea41cda47aaf708576b8f7af2aa6b3c4f8bef37be1b6afc196e909188eabc
AirOS version 6.x suffers from an arbitrary file upload vulnerability.
a2045ad92aa7807fb104f6e5684803d581ae09e9d5bbb906da255625550214c5
Microsoft Internet Explorer 11 ships with MSHTML.DLL referencing various DLLs which are not present on a Windows 7 SP1 installation, Windows 10 is not affected, other Windows versions have not been tested. According to "MSHTML.DLL is at the heart of Internet Explorer and takes care of its HTML and Cascading Style Sheets (CSS) parsing and rendering functionality." Every application using MSHTML.DLL directly or another DLL which incorporates MSHTML.DLL (like SHELL32.dll) is prone to binary planting.
6527d84b2e81cbfa11caebc6caad25537bf4ae7b3243d2620fd57dda899352a3
This Metasploit module exploits a Perl injection vulnerability in Exim versions prior to 4.86.2 given the presence of the "perl_startup" configuration parameter.
9244d1a56ca1a0b4187fc7d9232dd5485fbbf380c0bdb9f35ea79df0019c335a
Brickcom Network Cameras suffer from insecure direct object reference, hard-coded credentials, information disclosure, cross site request forgery, and cross site scripting vulnerabilities.
d4263442a7cc41a494d9af50e1ba3231bc2e0bda0bbf7e50965fda5669553dc6
Django CMS version 3.2.3 suffers from filter bypass and malicious script insertion vulnerabilities.
37f9d80f871c90b98fbef578bb3285d459c2ce9bc4b43e2ee9a1ea05eff816ab