JobScript suffers from an open redirection vulnerability.
e346964b5931d627f76776af0fec044f2c71e336366251548304f0d59283e2f0
Calliope version 2.31 suffers from authentication bypass due to a remote SQL injection vulnerability.
85b10f367e99494fdc1e2fff03f4010816dfafd1b727faab0b01577307e01da3
Annuaire de Salon et Foire version 1.4 suffers from authentication bypass due to a remote SQL injection vulnerability.
211270e8c5b25f157973aa76d5f87ef7631f0e04c60010dcfacb6b9acb263ebf
Sitizy version 2.0 suffers from authentication bypass due to a remote SQL injection vulnerability.
368b7c6cc8b2c621763042755f7a7af6bfa6b288022f19453090568d7e7c23dc
Torop Tourisme version 2.0 suffers from a remote SQL injection vulnerability.
f993e7d991635981f6e04e07467d842f33ccd0f70d0bae57982817e3e54a7135
ETAP suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'C' flag (Change) for 'Authenticated Users' group. Version 14.1.0.0 is affected.
1367964c70458bdbf8463029dfa389212fb4ad8f6ffd3291411ff5d82e8115f7
Collectd-Web version 0.4.0 suffers from a cross site scripting vulnerability.
677f1e138f0fabb145e534d65964d3ca14c126d42cb45b63a3c352e5b9a2b25a
Postfix Admin version 2.93 suffers from a cross site request forgery vulnerability.
c36bf42d6746cb09cb01c495637ea7bc269111f9cfcff5161901216a53a69331
WordPress Brafton plugin version 3.3.0 suffers from a cross site scripting vulnerability.
3892ab1d003f41f07168502f9e5f6aef23d2da0523045619b7f5cdae1c604776
Tuninfoforyou versions 2 and 2.5 appear to have a backdoor account of admin/admin.
e46b27b7198cf9427028f5400fd6095baf51d940716b313d1a1589f28aee6a8e
VirIT Explorer versions Lite 8.1.68 and Pro 8.1.68 suffers from a local privilege escalation vulnerability.
99e7b9f6307895078411a34926f56ccf4cf7a8402380f92d3b0c10f55187df4e
SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a remote SQL injection vulnerability.
db00019357db1804ffea0c5ca76cb4f4042f6423e57de6a275761be682393508
SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an information disclosure vulnerability.
ff32f8dfc483575f12d9638b631629d9ab8b592d1ff7efb0bb98169a0fa75462
TYPO3 versions 6.2.19 and below and 7.6.4 and below suffer from a cross site scripting filter bypass vulnerability.
074a8b7081e6012807149a3a08eae83a45695bd2a613d575b6326428f2509193
LG NAS N1A1 version 10119 suffers from insecure direct object reference, SQL injection, directory traversal, arbitrary file upload/download, and sensitive information disclosure vulnerabilities. Full proof of concept exploit included.
139d5541d3893fafb2b210fa4aee32b765e26956f437ba541403c289104e42e5
Magento versions prior to 2.0.6 suffer from an unauthenticated arbitrary unserialize to arbitrary write file vulnerability.
aabdfe5b303d6f19ce1fc498c50679f141c6beebfcd6c15c192c8f28b94a86a8
4digits version 1.1.4 suffers from a local buffer overflow that allows for privilege escalation providing the binary is either setuid or setgid.
818b7cc163a17f93ba734876b24e2a24d385192108de436e269ae066edffd90a
Tns-Voyages Script version 1.7.1 suffers from a remote SQL injection vulnerability.
45bae1c6424f2044e6cc1f4b9970750ce5fd63fa497308b038f82330f0d107b7
Cisco ASA software IKEv1 and IKEv2 remote buffer overflow exploit.
ff7023ee70394960ee524b25e81f0bf3bfee1b58abcce9f15123fc266a4510c2
This Metasploit module exploits an authentication bypass vulnerability in Meteocontrol WEBLog (all models). This vulnerability allows extracting Administrator password for the device management portal.
b5a443a5fc418686d9d3ce0d8492afebd3f170b8a108d1cefb5fed42ef7ba2c7
This Metasploit module exploits a vulnerability found in Dell SonicWALL Scrutinizer. The methodDetail parameter in exporters.php allows an attacker to write arbitrary files to the file system with an SQL Injection attack, and gain remote code execution under the context of SYSTEM for Windows, or as Apache for Linux. Authentication is required to exploit this vulnerability, but this module uses the default admin:admin credential.
46eef5e2e82adcace1eb86cca34fa1691dfc435af8857a0821e91b120976f5fc
WSO2 SOA Enablement server suffers from a cross site scripting vulnerability.
31d43f863469f43424bafc72bcd4ad822cc16db33e6a9b0bf7ffb2914a174118
gdi32.dll in Microsoft Windows suffers from a denial of service issue due to an attacker controlling the Size argument in the gdi32!GdiComment() function.
db43b8cce7b5a88cf1f306d6bddb776823d2c0be5e51d507cafc7cb1aa4aa006
gdi32.dll in Microsoft Windows suffers from information disclosure issues via the EMF CREATECOLORSPACEW record handling.
ad702dbd1e8d3499b0b0400f710dfb2273a51ad44f2be032b45acb14922319f3
Symantec / Norton Antivirus suffers from a remote ring0 memory corruption vulnerability.
21cdf1867131c9fd3d343f392430fc0eb800cce0626266748dac5dd7851a01d4