bbPress version 1.0.2 suffers from a cross site request forgery vulnerability.
2ee0732a1f59b4090c968ce103a6daba9358d51c053e9163bad8245861080d3e
MOHA Chat version 0.1.1 suffers from a cross site scripting vulnerability.
c0014ea4d0d8b8b8367fb41e7cac58483667c8bd7e60e46008515eab9f29deff
Jornal Digital suffers from a remote SQL injection vulnerability.
95888e53b1a9f6b46dce5d2f7b14353e02cbacce43f5177ffbc45c8c2ae3dbdf
Comunidades.net suffers from shell upload and remote SQL injection vulnerabilities.
af93ae0e3328ec72a7a995913c8a34b1eb6596883c5c88b23fa732737fe50d62
CMS Contentia suffers from a remote SQL injection vulnerability.
a2d0b2e12196f78854029be11f1833019ad29327a4069825fa36c8d31000e43f
HoloCMS version 9.0.47 suffers from a remote SQL injection vulnerability.
9823520f6ad7b80cf2d2f691885380b165df08837f88fc5ef98569c37892218e
LIOOSYS CMS suffers from a remote SQL injection vulnerability.
3f09445e2d8e0e55fc937261fa634177e87926ae916ec546beb378e7a8ad0f0c
28 bytes small setuid(0) and kill(-1, SIGKILL) Linux / ARM shellcode.
4bad1d0b679d87172dcc6f02fb16b79316d8719d6008dd9f4cf6b949a4423cc8
116 bytes small polymorphic /bin/sh Linux / x86 shellcode.
7dd86cbe290368eb69d593cc1e2c0a757cf2052f44689215dbf16523fd5a534c
Secunia Research has discovered a vulnerability in TaskFreak, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "tznMessage" parameter in logout.php is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Version 0.6.3 is affected.
8c75bc9ff10dd71a098e9581f3d12c8224dadaf828e04861b959f5d519f803af
Secunia Research has discovered a vulnerability in TaskFreak, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "password" parameter to login.php (when "username" is set to a valid user) is not properly sanitized before being used in a SQL query in include/classes/tzn_user.php. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation allows bypassing the authentication mechanism, but requires that "magic_quotes_gpc" is disabled. Version 0.6.3 is affected.
402599254250524376ff02d09c308db5397a2e0e9277f2833f67dbcb34a62353
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
7774ae1bcb40d0442f751b75726b0656a983490e5d60ee1c82155d6d79878a4a
38 bytes small setuid(0) and execve("/bin/sh","/bin/sh",0) Linux / ARM shellcode.
7518787117780d501fe3384e13c5100c61a274b83ba5712d5a476c7c0f2a03f0
ArcademSX version 2.904 suffers from a cross site scripting vulnerability.
e770778d6aa4038ff6a6b83970530ccbd968d2c967defbe34b35fe87c2aa7045
TornadoStore versions 1.4.3 and below suffer from cross site scripting vulnerabilities.
92c1121c6831c5a577d60e10a6710d9a1c246a997843d48ddab155167b739e84
TornadoStore versions 1.4.3 and below suffer from a remote SQL injection vulnerability.
25be905489a49bf4bbf76c69ef780de90aa2d098b47076f2a88ba1827cac2697
Gekko CMS suffers from a remote SQL injection vulnerability.
ebec3de39faf73b99706ef50949b18736ad189aeb735ba9f304c454b8ebeda8a
Atarim Design suffers from a remote SQL injection vulnerability.
9f6d9bdbfd01d61b4424ab41ad0fc6a1c0d2fadcb22287df745e3c328f9568e8
The D-Link DAP-1160 suffers from an authentication bypass vulnerability.
a9f5cea857a1666b127ea7343b56365f2741ec2153b1da2c5d7ff03654988c02
YPNinc JokeScript suffers from a remote SQL injection vulnerability.
59fb39995f99f6d188a1bd0bd86e70bf26bc9c6cd2175e61ba510eb354765a96
Grafik CMS version 1.1.2 suffers from a cross site scripting vulnerability.
30aafcf09386c9c3b6b2a826936a703b6f82093fa5f7831e1f97233167cdda3a
PortalApp version 4.0 suffers from cross site scripting vulnerabilities.
db67a47bc5c1ba4ae55e90618ceae7aa0926fc94e9ccdcfbc4362fb60bb899bb
PortalApp version 4.0 suffers from a cross site scripting vulnerability.
f14437a63040f0abd7c6b9f6f9c50c02a54131db4290ff66f118f771c47d21ab
Grafik CMS version 1.1.2 suffers from a cross site scripting vulnerability.
31c9cda96f4d3f0b2f2a33c565dab9a1eae983038faca012387b3b2d738c0e58
Grafik CMS version 1.1.2 suffers from a remote SQL injection vulnerability.
2dc5213ed0fea7eac8a62adad5d9c17b59b049120d19a990242c7c70eff736bd