VideoFlow Digital Video Protection DVP 10 version 2.10 suffers from authenticated remote code execution vulnerability. Including a cross site request forgery vulnerability, a remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges.
f1cf92d74150abb39ece448b2e879132cdeec1dad40e941838baff6d6ac1147d
VideoFlow Digital Video Protection DVP 10 version 2.10 suffers from an authenticated arbitrary file disclosure vulnerability including no session expiration. Input passed via the 'ID' parameter in several Perl scripts is not properly verified before being used to download system files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks.
9fdb71614470b3895e28afe235e28c5784709277cd64d29608144c5fc0584e48
The DNNarticle module in DotNetNuke version 11 suffers from a directory traversal vulnerability.
a41413f4c748f4fcf065a3f2c5c4e0ab8f4515a8fb6dafd0bde8c679cd929bf0
Homematic CCU2 version 2.29.23 suffers from an arbitrary file write vulnerability.
dd409c7f1b228ba72e9d1b5031af8e53c65f1eacf0f69e50abd6527af29fc5a5
Frog CMS version 0.9.5 suffers from a cross site request forgery vulnerability.
de887657ffddfe13ff2711bcdfd0a752e08c6fc7fb4d7096eb0a29acc662fcc2
WordPress Contact Form 7 to Database Extension plugin version 2.10.32 suffers from a CSV injection vulnerability.
a1e2f6ff5db573c57f2014f08ae3e5c445da423f0442bc5bf91d63f4b6974da0
Joomla Acymailing Starter component version 5.9.5 suffers from a CSV macro injection vulnerability.
79b6c5b7c330a02114e00055a2436ba7e3e992b66ce38f41a047b764a31482cc
osCommerce version 2.3.4.1 suffers from a code execution vulnerability.
3a9c8b3b77bdf3e503378fb0902da7dfcb3e2c29c42deb289a62f986ab00800f
MiniCMS version 1.10 suffers from a cross site request forgery vulnerability.
721a51e53d1998c15ee3fada2f7e9dc176be6d95e57db860592ccfbc8755bf96
Systematic SitAware suffers from a denial of service vulnerability.
4bb760f13fc71196edd91cdf71a8c42c83fa772fbb0a0e2ad4ba3a813ee7e121
Homematic CCU2 version 2.29.23 suffers from a remote command execution vulnerability.
557b93e2321a67871d7ee634a72bf196e8730d6ff7724ac372a8b095eff95cbb
Joomla AcySMS component version 3.5.0 suffers from a CSV macro injection vulnerability.
f34e0a09b18099dba0c7b06e0efc752e601eb227dd42dd32490f76f20726f914
WampServer version 3.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
905c4d7fd4fc2cf1c89222a0cb7e2346073185b02ec25bb49977dd24875f524c
WordPress Relevanssi plugin version 4.0.4 suffers from a cross site scripting vulnerability.
de2e9805aecef79b31fdcc4da3b54e9c98e5470b3d3467d95ff56e951dec4a73