A path disclosure issue exists in Webbler CMS version 3.1.3.
0267ae1558c984731c4b64348994f7232c96b5bffeaa5da4309b9287b10bbb1c
A cross site scripting vulnerability exists in index.php of Webbler CMS version 3.1.3.
87051462fc945e497754082567172ef3988047c8fc4db3d220a1645c04d9f3f7
A cross site scripting vulnerability exists in the Webbler CMS admin login page. Version 3.1.3 is affected.
7824d7393e81afe25b6d0835c76b1b0b8674f8e154465fd4bf2a3246a6c05171
By understanding how ASP .NET malicious request filtering functions, ProCheckUp has found that it is possible to bypass ASP .NET request filtering and perform cross site scripting and HTML injection attacks.
4b78fe2bdca6f7c490f51b3622de9ef13cf64b7899eaa6f8f39a70a7ab3ae074
IP Phones based on the Centrality Communications/Aredfox PA168 chipset suffer from a weak session management vulnerability. Exploit included.
1821bfb5f8cd756cd89b28517356ba2347b103a4fe336db4aabb7a4ab85a7751
The FileZilla client versions 2.2.15 and below suffer from a local credential compromise vulnerability due to improper storage.
b25fd57dbac01135b458f4ef6c6bb6f19a6c44cfc31b81c5109a0ffe085b399e
The FileZilla client stores passwords using a weak XOR 'encryption'. The value of the cipher key is static and can be found in the source code. This vulnerability has been successfully tested on versions 2.2.14b and 2.2.15. However, it is suspected that most previous versions are also affected.
637a74e948d0d2743a1666cf0c8f157510b94187658ebc3cb5fd4b191d073685