PHPmongoDB version 1.0.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
e76ac1cdaae844776a01728a703770c3e964816b862a0c6b2c52054c63a4e509
The Adobe Type Manager Font Driver (ATMFD.DLL) suffers from a NamedEscape out-of-bounds read.
47ff745db957f4da9f0bfd5c001563adb1efd711f4a8c5d321e86fdc7660d19a
ChitaSoft CMS version 3 suffers from a cross site scripting vulnerability.
f2496bfce8bfd1272daa114fe6e23c1117c8a54c7bb3145226a1d3e60df3b268
OpenWGA Content Manager version 7.1.9 suffers from a cross site scripting vulnerability when input passed via the User-Agent HTTP header is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
9d71ce5e11ca39dfc7ec78ef37fa5c5ebd50d84f836c4358d8cf523620e4a121
OpenWGA Developer Studio version 3.1.0 suffers from an arbitrary code execution vulnerability when using the File OpenDialog box, enabling an attacker to execute any binary he or she chooses, including elevation of privileges.
cac68fae3b766c1b59f1effea63f646a7d46e1e5a92a57e85fcc6a77d37f8919
This Metasploit module exploits a file upload vulnerability in Kace K1000 versions 5.0 to 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 which allows unauthenticated users to execute arbitrary commands under the context of the 'www' user. This Metasploit module also abuses the 'KSudoClient::RunCommandWait' function to gain root privileges. This Metasploit module has been tested successfully with Dell KACE K1000 version 5.3.
ce165f4ada05beefea1776978f34c8b9073a363082d4e2c9070aa0d2aed7d73d
Texas Instruments Calculators Emulator version 3.03-nogdb+dfsg-3 suffers from a buffer overflow vulnerability.
189c0e2dd8442cb5bb1443d6a2b0e7a6e2a076cb8c15f1bc5ba7f76146a40887
Webline CMS 2016Q2 suffers from a remote SQL injection vulnerability.
0a5013f90a4d1adad4f948811aefe1b99cc92775272d91587066533f3c50a3f3
Ovidentia module Troubletickets version 7.6 suffers from a remote file inclusion vulnerability.
8b8b42d83c24b45290bbe6733839b4dcde30f4bfb2e1b86847d77f45461c6242
ImPAX Agility version 1.1074.RC.b122.20150602 suffers from multiple cross site scripting vulnerabilities.
93b3bd2558046b9a690c3d500cc1621a85419cfb93b18fbe7f16b7851b4f51db
The patch for Issue 70 in IBM Java discovered by Security Explorations in 2013 was found to be faulty. Included are the full report and a proof of concept.
24180117b921605ffa337bfcd62c889bf47a2e79be4fd3593f12c7031b1258ce
RockMongo version 1.1.8 suffers from cross site request forgery, cross site scripting, and HTML injection vulnerabilities.
ad136abaa1fb15aa651f56b122c30dc9f88d81a491bc7bd509617a574f423492
WordPress Robo Gallery plugin version 2.0.14 suffers from a code execution vulnerability.
774d75ce63929680b6281e707bdf8bf21ed7453a304fe3f4249bb389a592ba9f
Perl version 5.22 suffers from two out-of-bounds reads and multiple small buffer over-read vulnerabilities in the VDir::MapPathA and VDir::MapPathW functions that could potentially be exploited to achieve arbitrary code execution.
cd84d70480486213183c751f06e787f023b2261ad301971f1c15757a078757f7
Novell Service Desk versions 7.1.0 and below suffer from code execution, information disclosure, cross site scripting, remote file upload, HQL injection, and traversal vulnerabilities.
c58735b33740e5edd50a8cae45802afa2db11198bcbbc4f1e7779e1640bb8f1c
CAM UnZip version 5.1 suffers from a path traversal vulnerability that allows for code execution.
801d5878708fdba9cecf84f8db7cae0615b691a858521efc97847de2890f7721
OpenCart version 2.2.0.0 suffers from a remote PHP code execution vulnerability.
1417eaf1f6b4295c475e0cc0fe94f8b4ddfb74538eee3554c3b8bb9362212ef5
WPN-XM version 0.8.6 suffers from a cross site request forgery vulnerability.
ee094c05732b4c27eea8c21fd850ef9e38ee6b36fe9b509f2145d5431162b38c
WPN-XM version 0.8.6 suffers from a cross site scripting vulnerability.
7a7c1e768bebb233949624598b2001150a93cbf0cb5ae10be6a52ab59e4d034b
DirectAdmin Control Panel version 1.50.0 suffers from a cross site scripting vulnerability.
d936827aaafa73b7b8ec6b09f4046e372adf34843e950a51329f0ec0256f2db4
Mobilya Scripti 2 suffers from a remote shell upload vulnerability.
f0553b31a8ebb47291d787fabfc5388080415751f064cf2557a9a45ab3fa50ca
IDA SDK version 6.9 Demo and IDA 5.0 Freeware suffer from a DLL hijacking vulnerability.
48366b45036a800a749b85bca2248bdb06ecde55c5a24ec7a1a74aa165a54239
CiviCRM version 4.7b3 suffers from a remote blind SQL injection vulnerability.
b46c1c9644858cd9f5157a2a8c9b025f2d88d4276e0161fedcc1aa49d74ea152
DotCMS version 3.5 Beta suffers from a cross site scripting vulnerability.
d9b67e3866760f53eed0d680abdd9d5b2fae352477c2d8af3ce6a5c48701e9cf
DotCMS version 3.5 Beta suffers from a directory traversal vulnerability.
1fad220bd9b74144259838fdc1996fc91aa92055bf12ec9962731c4a8aa8c02d