TinyDir versions 1.2.5 and below suffer from a buffer overflow vulnerability with long path names.
Debian Linux Security Advisory 5572-1 - Rene Rehme discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly set headers when handling attachments. This would allow an attacker to load arbitrary JavaScript code.
PHPJabbers Appointment Scheduler version 3.0 suffers from a CSV injection vulnerability.
Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.
PHPJabbers Appointment Scheduler version 3.0 suffers from a missing rate limiting control that can allow for resource exhaustion.
PHPJabbers Appointment Scheduler version 3.0 suffers from multiple persistent cross site scripting vulnerabilities.
PHPJabbers Appointment Scheduler version 3.0 suffers from multiple HTML injection vulnerabilities.
October CMS version 3.4.0 suffers from a persistent cross site scripting vulnerability when a user has article posting capabilities.
October CMS version 3.4.0 suffers from a persistent cross site scripting vulnerability when a user has category-creating capabilities.
October CMS version 3.4.0 suffers from a persistent cross site scripting vulnerability when a user has blog-creating capabilities.
October CMS version 3.4.0 suffers from a persistent cross site scripting vulnerability when a user has author posting capabilities.
October CMS version 3.4.0 suffers from a persistent cross site scripting vulnerability where a user has the ability to edit the landing/about page.
PHPJabbers Car Rental version 3.0 suffers from an HTML injection vulnerability.
Ubuntu Security Notice 6509-2 - USN-6509-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information. It was discovered that Firefox incorrectly handled certain memory when using a MessagePort. An attacker could potentially exploit this issue to cause a denial of service. It was discovered that Firefox did not properly manage ownership in ReadableByteStreams. An attacker could potentially exploit this issue to cause a denial of service. It was discovered that Firefox did not properly manage copy operations when using the Selection API in X11. An attacker could potentially exploit this issue to obtain sensitive information. Rachmat Abdul Rokhim discovered that Firefox incorrectly handled parsing of relative URLs starting with "///". An attacker could potentially exploit this issue to cause a denial of service.
PHPJabbers Car Rental version 3.0 suffers from multiple persistent cross site scripting vulnerabilities.
PHPJabbers Car Rental version 3.0 suffers from a CSV injection vulnerability.
R Radio Network FM Transmitter version 1.07 suffers from an improper access control vulnerability that allows an unauthenticated actor to directly reference the system.cgi endpoint and disclose the clear-text password of the admin user, allowing authentication bypass and FM station setup access.
PHPJabbers Car Rental version 3.0 suffers from a missing rate limiting control that can allow for resource exhaustion.
PHPJabbers Time Slots Booking Calendar version 4.0 suffers from a missing rate limiting control that can allow for resource exhaustion.
Red Hat Security Advisory 2023-7633-01 - An update for rh-mariadb105-galera and rh-mariadb105-mariadb is now available for Red Hat Software Collections. Issues addressed include a null pointer vulnerability.
Debian Linux Security Advisory 5571-1 - It was discovered that missing input sanitising in the HTTP API endpoint of RabbitMQ, an implementation of the AMQP protocol, could result in denial of service.
PHPJabbers Availability Booking Calendar version 5.0 suffers from a missing rate limiting control that can allow for resource exhaustion.
PHPJabbers Shuttle Booking Software version 2.0 suffers from a CSV injection vulnerability.
PHPJabbers Time Slots Booking Calendar version 4.0 suffers from multiple persistent cross site scripting vulnerabilities.
PHPJabbers Time Slots Booking Calendar version 4.0 suffers from an HTML injection vulnerability.