Pi-Hole version 2.8.1 with web interface version 1.3 suffers from a persistent cross site scripting vulnerability.
dcdfd8e2b303c612ea99f185e33cfd910d4a217f8d34dbe3ab23d1823435c694
Cyclope Employee Surveillance versions 8.6.1 and below suffer from a multiple of insecure file permission vulnerabilities.
8981697f97cfe24c24bb514331bf9925b6437179a12c2575f829d880e167c2c3
eM Client e-mail client version 5.0.18025.0 suffers from a stored cross site scripting vulnerability.
58d63f0347684b64df7ea221869f6c49d7b63d4b6ed451c1bfe8a5229f8066e7
PHP Server Monitor version 2.0.1 suffers from a stored cross site scripting vulnerability.
a66b0a9487b95c5307915eccadb39223d33aa5451ae999c36c581fabd1220cfc
WeBid versions 1.0.5 and below suffer from a directory traversal vulnerability.
691fd6a645c981162b89806c3a38adbbac74928e9a8c6bdd1391a139433a93d9
Web Help Desk version 11.0.7 suffers from a stored cross site scripting vulnerability.
92d407863cc4660b9160ec7ee4b566b3f02ec436aa4aadd47f903d4acf797aa7
This Metasploit module exploits a vulnerability found in qdPM - a web-based project management software. The user profile's photo upload feature can be abused to upload any arbitrary file onto the victim server machine, which allows remote code execution. Please note in order to use this module, you must have a valid credential to sign in.
f5f6ba93d6feeeed1d320115b76b89c669688a7089990888c0aafa5f2993314c
op5 Monitoring version 5.4.2 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
027aefb418d26810247858030e2eef7f6b9be2c5cf3721ff4c1fb7885e01cfdd
Clipbucket version 2.5 suffers from a directory traversal vulnerability.
60276daddff1d6ad33d0d4b4a077e3bd663c889d534719331c76356e88d80d43
Clipbucket version 2.5 suffers from a remote blind SQL injection vulnerability.
7dc8211e010244ae9cf4425d8fab83465c7a0a8ecade28de6cd2185bc60a2be2
Sphpforum version 0.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
7502224f9e635dc27202e748cdf5015178a6e1641cbf8304333b802649a8903c
Cyclope Employee Surveillance Solution version 6.0 suffers from local file inclusion and remote SQL injection vulnerabilities.
273066191a655c86d91a70052edaa3a834b3139d3603270a7d1527b8ca95aea6
This Metasploit module exploits a SQL injection found in Cyclope Employee Surveillance Solution. Because the login script does not properly handle the user-supplied username parameter, a malicious user can manipulate the SQL query, and allows arbitrary code execution under the context of 'SYSTEM'.
943d1370d3c4c203bec054c6328adda12b9aa04b01b7010bb71dea9ec2bef8a7
Spytech NetVizor version 6.1 suffers from a denial of service vulnerability.
624d60f1e5fa6722803c808e21f27d4d93882b992953c1ecb81168ae1771bcae
Cyclope Employee Surveillance Solution version 6.0 suffers from a remote SQL injection vulnerability.
bd0909c3e422bbfd18d2ea996c369f5da57e023725ed14f2b97843f25e7ef12a
Axigen Mail Server version 8.0.1 suffers from a stored cross site scripting vulnerability.
b712d8ab578b4188e22a4207f80f37e1183a304194159d181703507b37e78350
EmailArchitect Enterprise Email Server version 10.0 suffers from a stored cross site scripting vulnerability.
1d614ed71a8927d8aefe626bbcff7dd35a56dc0ab018757a65f61785d9f38e5f
ESCON SupportPortal Pro version 3.0 suffers from a stored cross site scripting vulnerability.
276e0b8f015732fce0ae5dbd7e7bdd804d1aa558b1f1268b2d84dc292f750351
MailEnable Enterprise version 6.5 suffers from a stored cross site scripting vulnerability.
fd72faeb58eb75ffa50d2abc0e461b01e20ed0f5d946c64e0d92334ec5a8ef56
AfterLogic Mailsuite Pro (VMware Appliance) version 6.3 suffers from a stored cross site scripting vulnerability.
70975b139f142c6b5aa2788169c1656874f10ae8fd42b3b7714b3d1791acff41
MailTraq version 2.17.3.3150 suffers from a stored cross site scripting vulnerability.
146ace147ff06c7f56045da0af62a91fa81e836cd9400ac850544756e07b726e
qdPM version 7 suffers from a remote shell upload vulnerability.
de7d737317088da35d6c5415b3002cc2704e760c0485eed4b429a49321a72e9c
phpAccounts version 0.5.3 suffers from a remote SQL injection vulnerability.
30cdfeba324743b1bf4c4c95682a87039a6577116abd1abe95054f052c5f2cf5
Simple Web Content Management System version 1.1 suffers from multiple remote SQL injection vulnerabilities. Most of these issues were already priorly discovered in early 2011 by John Leitch for versions 1.21 and below.
82966c3a58927288ab4557775bf16493908a7de8d6566a8d84e89069b47fae4f
PBBoard version 2.1.4 suffers from multiple remote SQL injection vulnerabilities.
7fe5b20927aaffae29776bb564eeb8a96670bea62bb6fcb45a4fd730c7f8b817