NASdeluxe NDL-2400r version 2.01.10 suffers from an OS command injection vulnerability.
df902fffe771a83318d68fb4a1dac2c82339e67536200c100f67b3f129f20ef4
NUUO NVRmini2 / NVRsolo / Crystal devices and NETGEAR ReadyNAS suffer from multiple security issues that result in remote code execution, backdoor access, buffer overflow, and various other vulnerabilities.
bf5b9b9d392b13530fe4985e7374bba1178cae9346921dade84d3c31ba0891fc
D-Link NAS and DNS series devices suffer from a stored cross site scripting vulnerability leveraged via unauthenticated smb.
9bea630d3d38c702848bb36c64938bc6d9f67aa4a832a9ec706a406f0d228f6d
WordPress Count Per Day plugin version 3.5.4 suffers from a cross site scripting vulnerability.
d69f6409f9285b4b341d81988998df80a9629b3685c4fee05a3057a084dfc9e1
WordPress FormBuilder version 1.05 suffers from a cross site scripting vulnerability.
c56303663ea7a2852d8c3f6613f639585b306b1f1729381fbaf87f633594ba74
K2 Joomla! extension versions prior to 2.7.1 suffer from a cross site scripting vulnerability.
a3fc93581f4ead8a4b1dbb2062c9656ac81bf9a53d8937c89a7c7a7b4db0204f
WordPress Events Made Easy plugin versions prior to 1.6.21 suffer from a cross site scripting vulnerability.
5421ba9cbaadc593ea64e1f541c99998a2a70b41120f28aa53dc662db5b65743
net2ftp version 1.0 suffers from multiple cross site scripting vulnerabilities.
217f09c68e480e79756201d7d52f3bf0df2ca5e947fe9abbdefc398dfb61a8c5
FortiManager (Series) suffers from a bookmark script insertion vulnerability.
6f79162c8a16b34e1b280e48a562fec2fac95f521e43bdc4694bb114f40bfd26
WordPress Count Per Day plugin version 3.5.4 suffers from a persistent cross site scripting vulnerability.
f182cd2f3622d02f747476d7f6598b53372149526fcffc8e5ff1ae604c1a4923
Vulnerabilities in the SpamCall Activity components of the Samsung Telecom application can crash and reboot a device when a malformed serializable object is passed.
dcc3ab9deaf946489cdf85bad7d76e17c8fdcff1277255be9ef82e1c4a60972c
FortiAnalyzer and FortiManager suffer from a client-side cross site scripting vulnerability.
3523161c4af4faddd6893f95b277bde86a92f3df5a0cf403c9955a581c507ce1
WordPress Yoast SEO plugin versions prior to 3.4.1 suffer from a stored cross site scripting vulnerability.
b80f18dd61454008092f18d2cf58a5d038b3d8cc61191ec776c2072d67e86c08
NetNeedle provides for encrypted control channels and chat sessions that are disguised to look like other common network activity. It only transmits "decoy" data in the "payload" section of any packet, so forensic analysts will only see packets that look identical to ordinary ping or HTTP GET requests. The actual data is encoded in IP headers in fields that typically contain random values. In addition to evasion features, penetration testers can use this tool to maintain control over servers in environments with highly restrictive access lists. Because NetNeedle subverts expectations surrounding network traffic, it enables users to set up back doors that use simple ICMP packets or TCP ports that are already in use. Administrators who believe that they are safe due to "principle of least privilege" access control lists or who believe that ICMP ping is harmless will find themselves sadly mistaken.
56da4a7d0137517d311b0345a3bd36bb779ed022129f6019d8d167245c947157
Joomla Video Flow component versions 1.1.3 through 1.1.5 suffer from a remote SQL injection vulnerability.
c6933ed1622fde52df5cb8ec589f674635f3f68310d7cffb2bf313ed22398e5a