EdgeCore ES3526XA Manager suffers from weak credential, access bypass, and cross site request forgery vulnerabilities.
4c554624c94b5f4cf21ee4495b9c4e0f66a5180eb79df24623c95cf9103237bc
WordPress Ultimate Product Catalog plugin version 3.8.6 suffers from a remote shell upload vulnerability.
d5d2b6345ca7d0fde8061b241864354a010b8de0d20146ab1dc71c6e78336944
vPet Engine version 2.1 suffers from remote SQL injection and default backdoor admin account vulnerabilities.
08d39470cbc25319403472e611c9ec681e4e89fbc69cceceafd8d9dd7b97dbc9
Sierra Wireless AirLink Raven XE Industrial 3G Gateway suffers from cross site request forgery, information disclosure, and remote file upload vulnerabilities.
cf133ee4a7539de41de8f9b10bd820c5bdadc47e30cbefba82a1519fcb4b5918
A default installation of Windows 7/8 can be made to perform a NTLM reflection attack through WebDAV which allows a local user to elevate privileges to local system.
38a08b6ee37889a0cd9d35ed8ee32279823b97688768df81253865add1d05bf8
FinderView suffers from path traversal and cross site scripting vulnerabilities.
6f0343e72d022fbf8ca84c53fac312b430c2903c7ac17c64256d39c5523fe9ab
XuezhuLi FileSharing suffers from a cross site request forgery vulnerability.
f60fc03551aa9903def6dd34f7141d7b2309b7088993125112f90e91777bb33f
XuezhuLi FileSharing suffers from a path traversal vulnerability.
a4e2043fbe4468389cbc326931a2c4f78de8ef1102c6a13daece3a4b7aa8b215
Getsimple CMS versions 3.3.10 and below suffer from a remote shell upload vulnerability.
e533c4e4ee4a7310978c28f7f540538a929f153e141561dd80c4d128d1c5fa32
Dolibarr CRM versions prior to 3.9.1 suffer from a command injection vulnerability.
72598740c36ce33bbbb05e4e0c1eab2ccda56772b3cadd684a9b6e1a93d60723
Quick.Cart.Ext versions 6.7 and below remote admin add cross site request forgery exploit.
cdc2fb719137f7fda0879b5a08fdda22d982ee74b7962be63484b876663356d3
Tiki-Wiki CMS's calendar module contains a remote code execution vulnerability within the viewmode GET parameter. The calendar module is NOT enabled by default. If enabled, the default permissions are set to NOT allow anonymous users to access.
9131c295c6f0a87ffeed5ec24203a47294ef439eb9e76d9c596efa1d5fafc764
Open-Xchange App Suite versions 7.8.1 and below suffer from an information disclosure vulnerability.
27b0e6e0ca5abeb66f30b28d40b4ac9eb51c5bb7ed4b48985aba9a1fe1586857
WordPress Contus Video Comments plugin version 1.0 suffers from a remote file upload vulnerability.
4f6ec1ff49f824524c93da0857f1b6f61521cb94809158b755faa6e7a4516efa
This Metasploit module exploits a buffer overflow vulnerability found in the ls command of the PCMAN FTP version 2.0.7 Server.
c7b50b153ec04efb07018decce1a122711b94da1e8f8210a118da4147778adcf
This Metasploit module exploits a file upload vulnerability in Wolf CMS version 0.8.2. This application has an upload feature that allows an authenticated user with administrator roles to upload arbitrary files to the '/public' directory.
bb14eded63b20bf9f13fdec65b93642599468f8b8d60278a25b93898e6f4fc4b
This Metasploit module exploits an arbitrary file download vulnerability in the DarkComet C&C server versions 3.2 and up. The exploit does not need to know the password chosen for the bot/server communication.
526875de4b2f6bc5ec72d1ffc0e835dfcf46ebb40dc25640bde82c28768474fd
SSHC version 5.0 is susceptible to an encrypted database content theft vulnerability.
b65f0bcd7a1b909d9cb74e42f7e28b4350fbff790f58e10c2ce3ecbc6b8ec091
YetiForce CRM versions prior to 3.1 suffer from a persistent cross site scripting vulnerability.
88f77d119109097e0ff59b4bccf90941faf7911f4ad4ee8ca7d4130767c35bd8
Radiant CMS version 1.1.3 suffers from multiple persistent cross site scripting vulnerabilities.
632cfe489664d2879a2526e59d8fd6d08acf732b32e77e62489c5b96fc4c47ea
Yona CMS version 1.3.x suffers from a cross site request forgery vulnerability.
92dec5774d0ae52f5f489ce2f3acbdb2637cdc8adacd50647918faeca2f19ad6
Joomla Publisher component version 3.0.11 suffers from a remote SQL injection vulnerability.
e207bc23de7b81fa6d7bba62a85fb3af31af242aff646877284899d4eda58b47
Ionize CMS versions 1.0.8 and below suffer from a cross site request forgery vulnerability.
04a53f78bc0110447c0d663c58372767475534ed26cdb901e7124c35bc4516c4
SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a cross site scripting vulnerability.
3227c8ee7e5ffae4107c3102e05d6c483cc347aa6c21ed54de26dc0f839fee13
SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer form an information disclosure vulnerability in WD_CHAT.
c86a0c971a9ddf7d0a42320c53175f15d4860f92751a45e80a3910f467711ef4