The Joomla Ultimate Portfolio component version 1.0 suffers from a local file inclusion vulnerability.
4ff51308f8ce9c2f7b3ab6d16d7568f287585249041d22d295fa2ef5972be67e
Crea Blog suffers from a backup database disclosure vulnerability.
e95f0661a5d255e786a7d5e9cc001524ca0249fb0344ba3781307fb109eafb3c
Boutique SudBox version 1.2 cross site request forgery exploit.
acd2aca4efdb3d41844914a9b5fbca56a5226691db5a231e0b56cf783790a073
Bigant Messenger versions 2.52 and below AntCore.dll RegisterCom() remote heap overflow exploit.
09f28e5a6175fe50a422d8d876f9dfc59a678733bd86ed092f9514cbe33d1137
Zikula Application Framework version 1.2.2 suffers from a cross site scripting vulnerability.
b8cef7e4bcaa43034a3c255a627a439616b9f8c053354eed3bfc6f399a3b1fee
i-Net Online Community site script suffers from remote SQL injection and cross site scripting vulnerabilities.
70bbf4f3fd51aab687f48e187b6c0d7d341a5b5b782e00e6c50db97e5a87a9db
2daybiz Auction script suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ab220b2341d1b80e69d7799a3697e69119cc0841a496686fa300bd152302dbb1
iCommander is a free and open source Command and Control Centre that lets you manage multiple servers from one place. The idea of iCommander is to provide an easy and secure solution for system administrators that allows them to control several servers from one place and in the same time.
ffb48814b899ebddbe5c21e81828536d57266db2d7b5cfa67baa96fa22106201
PHP-Quick-Arcade version 3.0.21 suffers from cross site scripting and remote SQL injection vulnerabilities.
80eff95aaeccf8e9bac10fbf63b2247fcaeebc8effd09df48aa707b05115fb1f
FreeRealty suffers from a remote SQL injection vulnerability.
7fad51244abef07078f590003de3bd874bf306f5042adf4c3f2833c8c4f01e58
Infocus Real Estate Enterprise Edition suffers from a remote SQL injection vulnerability that allows for authentication bypass.
b0205cd798bb9f58af21ab24cc3a070a37c9a7ed9b449a77a03a50354076f806
Stumbleupon.com fails to properly sanitize user supplied input allowing for cross site scripting attacks.
de65a8b03b8714c95451579fce9fbdde7c74cdf8fb96260e84d2b64436153edd
Ning.com fails to properly sanitize user supplied input allowing for cross site scripting attacks.
be685207cfa2c2ad0270af96390a4154cc29afa16fb3e2562e97a29894c56ad0
This Metasploit module exploits a buffer overflow in Serenity AudioPlayer versions 3.2.3 and below. By creating a specially crafted m3u file, an attacker may be able to execute arbitrary code.
90b764ce20a97ac5db9d88000ab1c1bfdf3d748439a4bc8447cf37721e97a64e
NovellZENworks version 10.2 suffers from a remote code execution vulnerability.
e6ccaf5abe52c55e099e76dcbcf4850c160fb93a3d7922ff3755bed7bfd4d127
Debian Linux Security Advisory 2021-2 - spamass-milter with -x, a zombie process is left around for every mail received. This update corrects this problem.
b48f66e55e668b4850337bc935d180d56252b31c686d986dbf32fe31d06ec308
Ramaas Software CMS suffers from a remote SQL injection vulnerability.
00ca7d4cf708581497a1e55297a6773564f2f74a95c452edec34d44e508ee658
Zyke CMS version 1.0 suffers from shell upload and administrative bypass vulnerabilities.
f99d13f129e411e5bcc1867bfb22c608bbc7aa1f7d0af96bbb98815e03e61bec
CustomCMS Gaming Portal suffers from a shell upload vulnerability.
ec3b3eac91f12476770467c9c5a771e81bb75a9989c980499c05d565cd79eff6
CustomCMS Gaming Portal version 4.5.8.2 suffers from cross site scripting and shell upload vulnerabilities.
8e7d0045ee3f91b87b77dd8ab90cb9cfaade05016ee538cb4d02bb16372618f5
NCT Social Networking Script suffers from a cross site scripting vulnerability.
bc4284087fea64249e62380695b28ab270afe6ce2f35a6604a43b7b3dae77ec1
Team SHATTER Security Advisory - Oracle Database provides the DBMS_CDC_PUBLISH PL/SQL package owned by SYS that is part of the Change Data Capture component. This package has a SQL Injection vulnerability in DROP_CHANGE_SOURCE procedure. A malicious user can call the vulnerable procedure of this package with specially crafted parameters and execute SQL statements with the elevated privileges of the SYS user.
c35f4f8ed0b6742d878dc5ee1a8c8cca9fdc018856ad9e4443fbbf4bf0fcfaf5
Argosoft FTP server .NET versions 1.0.2.1 and below suffer from path disclosure and directory traversal vulnerabilities.
e52b9da6b0887367933ed2f6690f4687046639d35c7c646c0c0c17636bc218f1
Acart versions 1.0 and 2.0 suffer from database disclosure vulnerabilities.
5417f31c0f7eb5ceeb58e8eb0baa767587c7f8b568aa8a5fc0d3ed1d01997281
This Metasploit module exploits a buffer overflow in the Trellian 3.01 FTP client that is triggered through an excessively long PASV message.
872db9f4673bae649c2fed72e3e182fdb6e92c53499266b35f91a40c4641c7a2