WordPress CP Contact Form with Paypal plugin version 1.1.5 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
4ca24dce6febcbd29b64bd6c4dbef5e02ecfa37b4cc47e14a320d8aa640157be
Panda Kernel Memory Access Driver does not validate the size of data to be copied to both an allocated kernel paged pool buffer and to an allocated non-paged pool buffer. Furthermore, the attacker has control over the start-to-copy index regarding the non-paged pool buffer which allows an attacker to corrupt a kernel object with more precision, and control the EIP via a hijacked function pointer. Version 1.0.0.13 is affected.
eab4ee724270c93a18fa3a73a94be01509bfed60588585695b11e21975000fa3
Joomla J2Store extension version 3.1.6 suffers from multiple remote SQL injection vulnerabilities.
2495ca05c8e312061ad70427868645898c2ed7b6d86871b75506ad32b299c074
Simple Online Planning Tool version 1.32 suffers from code execution, cross site scripting, remote SQL injection, information disclosure, and path traversal vulnerabilities.
32dae8e31efafb0f8de6905c81b8d83bdf394bd0a72d081684525e19633c3dfa