WordPress Spam Free plugin version 1.9.2 suffers from a filter bypass because it lets the client define the "comment" source IP address as a variable passed to the server.
a4bff041963cdaab3664b99e8efe9ad4aed56f50b5b3e27f611f817c324772e5
Whitepaper called "Introduction to PE and Reverse Engineering PE on 32 Bit Machines" or "Pengenalan PE dan Reverse Engineering PE 32 bit". Written in Indonesian.
67563a1471b9ec4f4e5bcb5ef337d5cf6b256489d8d9b9f3d88bd12c9f246212
Joomla LiveChat component version 2.0 suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
aa8494a79d83fc8c2e7b2a901cd65103b76a5e883ad4f143bf28ef5509ac8d39
Joomla Ignite Gallery component version 0.8.3.1 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
76bd9576cfd1f666db8fff9d9481f6d321e87c026dd7b9ca6cdfd36d42ef9586
Webimage suffers from a remote shell upload vulnerability.
015a2f33f34ab7e685c2db912e07f1fdbf1ee7ed138dbe21c78397ba8cf6fb15
Arp Scannet is an ARP who-has scanner for Windows.
6c1e0ffddab6b5ba0ca61651c91eddc46ab31fb24a54d4ac72f2ffccbd111a39
TomatoCart version 1.x with Piwik extension versions prior to 0.5.5 suffers from cross site scripting, open redirect, and denial of service vulnerabilities.
4cacfaac4eabb374d22a4f23d52c9148e7ce813df40ab1a52f060a869db42bf6
Login credentials for Yahoo!, Gmail, and more are left in cleartext in /tmp when provided to the WordPress OpenInviter plugin.
e8a8b49621ce0dec9b8616272cb96fc3f7695acc2706ece3bd2465439cb3ca17
Sites designed by Contacto suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
d22b8f3a7653af24c6d99cf9d97c5ddc31438918dc4c21280764a67ac1bd889b
Sites designed and implemented by FRONK Design suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
7092fda62501758d1cf1f8978c834e8222746bc614637d78bafc5bd5e2d5a9ca
IShang CMS versions 5.0 and 7.0 suffer from a remote SQL injection vulnerability that allows for authentication bypass.
03fdd395bba1e60ce62f2dcd137addac4dd66248609fa913aadb8aa2ac369f72
Nexpose Security Console versions prior to 5.5.3 suffer from a session capture issue due to logging session IDs in log files.
4c994eb774788fbfe685db420f56bddf14cf43ab67a67bbd1e8de316a3866ddc
Nexpose Security Console versions prior to 5.5.3 suffer from multiple cross site request forgery vulnerabilities.
2ab236e8fd3a5626f46e5dfaef24b96342ac137611054ad316386afbe67825af