VMware View Portal versions 3.1 and below suffer from a cross site scripting vulnerability.
6ff34d3c4c5414257facf8f8b5cdd2f2fd3e1d2c50b916d0ba65eccf0d979ba0
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
720edb009cb6438b0f052d5ac5e00f4961194644994839f8048a4df1b32fbfab
The Joomla JE Quote Form component suffers from a local file inclusion vulnerability.
61bf35df125c510a7e3dd988c89c38e9ee53e36cd51b4a049974054e4ab46472
Heaven Soft CMS version 4.7 suffers from a remote SQL injection vulnerability.
4d1e739a3a302e7c256f696ae6f067d5a4fcec851898d9507cc0227f20853a8b
Alibaba Clone Platinum suffers from a remote SQL injection vulnerability.
731f15ed4ac1feb5faa7fb6c5757e546cd0255ce83584463ca206332a94392b2
The Drupal Storm module version 1.32 suffers from cross site scripting vulnerabilities.
502796701a326543ce092a64ec542afb6affb2f3bec4e9478553db1438eebaab
Joomla FDione Form Wizard version 1.0.2 suffers from a local file inclusion vulnerability.
6074f175a4bc9b26da1579635e2f5f7f8c28a7571bb77e76a681a7bb84f8c037
HP Security Bulletin - A potential security vulnerability has been identified with HP MFP Digital Sending Software running on Windows. The vulnerability could be exploited by a local user to gain unauthorized access to "Send to e-mail" and other functionality of an HP Multifunction Peripheral (MFP) controlled by the HP Digital Sending Software.
409796c77f473f0a9a38655b8406ab38c4e67729a0865bdad55bdd7fa5e65a7e
Joomla JE Ajax Event Calendar version 1.0.3 suffers from a local file inclusion vulnerability.
b1377c5c9af133fe7257f7699c970c7e7c45f0f427b603a5e48c63ee19c0b26c
Heaven Soft CMS version 4.7 suffers from a remote SQL injection vulnerability.
d5053f3bbf3e988704a1712a9a91e81282544ab43abfc14f5f5c318111ced964
The Joomla JE Job component suffers from a local file inclusion vulnerability.
517b4fe22000272d7d05219eeb5f558cedb8836282c3ee74b469e85d17320990
SmallFTPD version 1.0.3 DELE command denial of service exploit.
7bb3d73cbab3ec01f536cee5ce392eb199b4af2b8c58d0699553025699162763
TYPSoft version 1.0 RETR command denial of service exploit.
9e743870310a319983612a510077f27e93555ce348bf5017ef067515f6ee954b
Debian Linux Security Advisory 2046-1 - Several remote vulnerabilities have been discovered in phpgroupware, a Web based groupware system written in PHP.
3a8e814f54641e9618488f5ad59558887178f21178734ccbb463644a2e4ce890
Badoo Services Online Community suffers from cross site scripting vulnerabilities.
7611f65701e08eb5178c7c4e3aa204ba2fe0db11dd27d57942e6f5cd87051036
WFTPD Server version 3.30 directory traversal exploit.
2e2fb1913a585ae5cf5f8fb18da7901f4b134cb92fceedd7436ccec16353d38f
Link Bid Script suffers a remote SQL injection vulnerability in links.php.
40b0067b4a9fc88853e5631994823560d6c750513431c7d32b8814360e116ae1
Abyss Web Server X1 suffers from a cross site request forgery vulnerability.
6a8b0a0b3df4f6bea2398734044f1276abd5e1f4af92134da2bd728aab1a0f1a
Secunia Research has discovered a vulnerability in aria2, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application not properly sanitising the "name" attribute of the "file" element of metalink files before using it to download files. If a user is tricked into downloading from a specially crafted metalink file, this can be exploited to download files to directories outside of the intended download directory via directory traversal attacks. aria2 version 1.9.1 build2 is affected.
5db2e877b929448ce53fbaefcd4fe1dc429beb3e14f7b1dcec039f413a870480
Secunia Research has discovered a vulnerability in Free Download Manager, which can be exploited by malicious people to compromise a user's system. The "name" attribute of the "file" element of metalink files is not properly sanitised before being used to download files. If a user is tricked into downloading from a specially crafted metalink file, this can be exploited to download files to directories outside of the intended download directory via directory traversal attacks. Free Download Manager version 3.0 build 850 is affected.
60c825619601682037a8558f5c997dc4b92f393d1622d48462b4a8dad92fde7a
Secunia Research has discovered four vulnerabilities in Free Download Manager, which can be exploited by malicious people to compromise a user's system. Free Download Manager version 3.0 build 850 is affected.
a7c535c78279767e6f7e01d49794419b36ad3c9b5fb60a3d1bcf78f26b853f28
Secunia Research has discovered a vulnerability in KDE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to KGet not properly sanitising the "name" attribute of the "file" element of metalink files before using it to download files. If a user is tricked into downloading from a specially crafted metalink file, this can be exploited to download files to directories outside of the intended download directory via directory traversal attacks. KDE version 4.4.2 is affected.
4753c3b2fd7ba990fce8cff97b3b26d9f9af9b4835f05f0238026d7fc09ec1ca
Secunia Research has discovered a vulnerability in KDE, which can be exploited by malicious people to bypass certain security features. The vulnerability is caused by KGet downloading files without the user's acknowledgment, overwriting existing files of the same name when displaying a dialog box that allows a user to choose the file to download out of the options offered by a metalink file. KDE version 4.4.2 is affected.
00f3b8e980ac034a80679c30c79ae908a7436b59928d9cc490152b17d823b990
The MigasCMS Xinha plugin suffers from a configuration injection vulnerability.
c2efbc6f4077b06fdac5a6b31f8f71002af458b8b719e46806e92ff52607b1e5
NPDS REvolution version 10.02 suffers from a cross site scripting vulnerability.
f5791baaef27c943130257cebc4f3ae8c581964acf8f9039c499648496aa4c4c