Exponent CMS version 2.3.5 suffers from multiple cross site scripting vulnerabilities.
6a585b0745893b5ede86522555e556bf41c3aa59e50576817c204b6240bf2ae1ImpressCMS versions 1.3.9 and below suffer from a remote SQL injection vulnerability.
61197cfbac59fcda7b4cf54107bb9e3be6d92521823d8c532388723addffceceOpenTSDB suffers from a remote code execution vulnerability.
ef629a5afda4799864a0738de815ff969d73a1592c4e3b2c08cc18011241292aWebutler CMS version 3.2 suffers from a cross site request forgery vulnerability.
c60c42cc4336feb6ee9c83dcae2abc556f909850f348817fea74aa3881349b35WordPress iThemes Security suffers from insecure backup and logfile generation vulnerabilities.
e3308d1fef8c8d026f085134a8bb431d3946592ebc3e93771257b503662abd8dphpMyFAQ versions 2.8.26 and 2.9.0-RC2 suffer from a cross site request forgery vulnerability.
b4b19a666863c0731be2d532693b5b2ccf810e9441b2e6245193a4737cfe146aPHPBack version 1.3.0 suffers from a remote SQL injection vulnerability.
1a3563c8cb984719a04c95e92c88dc0bf4dedddfdd2d12d48fd0726d019c8872Oliver versions 1.3.0 and 1.3.1 suffer from reflective cross site scripting vulnerabilities.
432496911f1411e7822f0277e55dc6ffd1625b86f2ba47830b95a792365b7b98The attached testcases crashes Windows 7 64-bit while attempting to write to an unmapped memory region. On 32-bit Windows 7 it triggers a null pointer read.
d89d761020ed70dcb07f77ce385b34df9657da7e12a58b54828167ae00247fe1pgpdump version 0.29 suffers from an endless loop parsing issue that can lead to a denial of service.
ca2cebf5bbc203a10cddb4380a1efb60238193332dfe72831f57c0aef4db21f2G-Data security products suffer from a DLL hijacking vulnerability.
29c328336f7c955d9cb79a397d3a0fdbdb4936d0cfcc3774ef65a1fcb51f5029TH692 Outdoor P2P HD waterproof IP camera version 16.1.16.1.1.4 has hard-coded static credentials.
141e6fc8fa6f27193da146b37b4fad682409c18fe27a6bf277802c640bf96ffcmodified eCommerce version 2.0.0.0 revision 9678 suffers from a remote blind SQL injection vulnerability.
898d196aa6856b4b29222a4cf125a7129f1b35d9d6a0fabeb0d692ba81d58813WordPress Kento Post View Counter plugin version 2.8 suffers from cross site request forgery and cross site scripting vulnerabilities.
c6f47f562012073725028c93b65d759d102f93f5ecb06b28f3e4ff0ba57bc4d0WordPress leenk.me plugin version 2.5.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
eca102ef78770490471423f7dd6c4747ffdabb9b064c2ad32f5dd476ec500b4cThis Metasploit module exploits an authenticated arbitrary file upload via directory traversal to execute code on the target. It has been tested on versions 6.5 and 7.1.0, in Windows and Linux installations of Novell ServiceDesk, as well as the Virtual Appliance provided by Novell.
afb4d4be28fcad92ea6a38d635b3b06845a31d2df0ef58120226aa7d288d0c15Zarafe.net CMS version 1.0 suffers from a remote SQL injection vulnerability.
e3345b31b6f1ea138abf617578aa72c6ecba8aa0faec9735f214e7f72d3f7a47KNOX versions 1.0 through 2.3 on Android suffer from a clipboard data disclosure vulnerability.
a7a3fc37dbd8a7af8e282177066142c6a552f92d788ad7e147aad0c8516323e5Webnet CMS version 1.2 suffers from cross site scripting, file disclosure, and remote SQL injection vulnerabilities.
c5a7ce234114c1027ecef248a17823db5c62230936fcd70c73b45c71b8f63e18PfSense Community Edition versions 2.2.6 and below suffer from cross site scripting, code injection, and cross site request forgery vulnerabilities.
a1cea41cda47aaf708576b8f7af2aa6b3c4f8bef37be1b6afc196e909188eabcAirOS version 6.x suffers from an arbitrary file upload vulnerability.
a2045ad92aa7807fb104f6e5684803d581ae09e9d5bbb906da255625550214c5Microsoft Internet Explorer 11 ships with MSHTML.DLL referencing various DLLs which are not present on a Windows 7 SP1 installation, Windows 10 is not affected, other Windows versions have not been tested. According to "MSHTML.DLL is at the heart of Internet Explorer and takes care of its HTML and Cascading Style Sheets (CSS) parsing and rendering functionality." Every application using MSHTML.DLL directly or another DLL which incorporates MSHTML.DLL (like SHELL32.dll) is prone to binary planting.
6527d84b2e81cbfa11caebc6caad25537bf4ae7b3243d2620fd57dda899352a3This Metasploit module exploits a Perl injection vulnerability in Exim versions prior to 4.86.2 given the presence of the "perl_startup" configuration parameter.
9244d1a56ca1a0b4187fc7d9232dd5485fbbf380c0bdb9f35ea79df0019c335aBrickcom Network Cameras suffer from insecure direct object reference, hard-coded credentials, information disclosure, cross site request forgery, and cross site scripting vulnerabilities.
d4263442a7cc41a494d9af50e1ba3231bc2e0bda0bbf7e50965fda5669553dc6Django CMS version 3.2.3 suffers from filter bypass and malicious script insertion vulnerabilities.
37f9d80f871c90b98fbef578bb3285d459c2ce9bc4b43e2ee9a1ea05eff816ab
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed