The SonarQube Jenkins plugin in Jenkins CI suffers from a plain text password disclosure vulnerability.
127c8c86b8c0bf44289f1b21f47a30d02721a2459668e7f5692d4d16b1178397
ColoradoFTP version 1.3 Prime Edition (Build 8) suffers from a directory traversal vulnerability.
91283725e1f5776a707996847385b3c798b3049566679412587c14ff20c727a7
Oliver versions 1.3.0 and 1.3.1 suffer from reflective cross site scripting vulnerabilities.
432496911f1411e7822f0277e55dc6ffd1625b86f2ba47830b95a792365b7b98
SpagoBI version 4.0 suffers from cross site scripting and arbitrary file upload vulnerabilities. The file upload issue could possibly lead to code execution.
a473d04492ed0ca46728806a232c7a6ee98f70e5940464e4217b27d3d8c8a651
SpagoBI version 4.0 suffers from an HTML injection vulnerability.
b8ca2e456b6ec5e643124527c4b74faae73a8dcad1893f8c1471c09a33533b6f
SpagoBI version 4.0 suffers from a persistent cross site scripting vulnerability.
8d2851f9ad8e9898fb04e583d9b3ed25ef61555335668592cc857b8a3fb00edd
SpagoBI version 4.0 suffers from an administrative privilege escalation vulnerability.
08879394f05ec3888c94bd4b06561081d45aa1549a6e63d70b7be33bbcfe4f7f
JAMon version 2.7 suffers from multiple cross site scripting vulnerabilities.
05d3cecf7d59ce888a09043a4aa1af1988abd9d302ed9dd5da80c76ff2e50e0a
Jenkins CI version 1.523 has a default markup formatter that permits offsite-bound forms. This vulnerability could be exploited by a remote attacker (a malicious user) to inject malicious persistent HTML script code (application side) and in turn perform a cross site scripting attack.
5764f0eb1aedc4495f9f0a84672d7a2996fc96b4c3ea9d658bcea48cd425c6bf