11in1 CMS version 1.2.1 suffers from multiple remote SQL injection vulnerabilities.
8f338fea05da8a70b14eac783e7ae853bff8a0601221110a05476767993f0b9d
Open Compute Project suffers from a cross site scripting vulnerability.
88e6bde7b4c4895292ce9f4a199b111a24d596ec4238e6e02d7a952e19a48ef4
Etano version 1.x suffers from multiple cross site scripting vulnerabilities.
28b57175c61bb258524bb27853354f3bca4d3306fb2ca9247fdf33298840c1e0
ZB Block version 0.4.9 Final suffers from cross site scripting vulnerabilities in the User-Agent and Referer headers.
c14c01d2f9b5490074a0f43558bc480240ede588e35082f8a3c66d424173a91e
Dej CMS suffers from a remote SQL injection vulnerability.
a7d1c2eecc91ab2fdc1ae5c516aa0dc7a39a3ae2e3e501334e83b556f7641528
The XMLEncoder component of Symfony version 2.0.x fails to disable external entities when parsing XML. In the Symfony2 framework the XML class may be used to deserialize objects or as part of a client/server API. By using external entities it is possible to include arbitrary files from the file system. Any application written in Symfony2 that parses user-supplied XML is affected.
41c5e9ed24bcfedc86e11b0fbb5e857209c2e898342bd3b498a8707a5985fdad
Ubuntu Security Notice 1382-1 - Austin Clements discovered that Light Display Manager incorrectly leaked file descriptors to child processes. A local attacker can use this to bypass intended permissions and write to the log file, cause a denial of service, or possibly have another unknown impact.
6197a7d618282d62205a6a7b667ca47b5e9604ccf33b90b4f62aea535d58518b
The Polycom web management interface on model G3/HDX 8000 HD suffers from a remote command injection vulnerability.
edd85665d7b90ac56ede22daa681765beb0fda23fc185dbf676283c9186e6397
The Polycom web management interface on model G3/HDX 8000 HD suffers from a directory traversal vulnerability.
318900245c518a8794796a8f52d7da21d13c57f032476a863283f40f224062c0
Open-Realty versions 2.5.8 and below suffer from a local file inclusion vulnerability.
b7403ee8713627a04dee9c28d85404db32ef1423c9f7f749ddb3a171f72c378b
Lizard Cart suffers from a remote SQL injection vulnerability.
4cf5c87edb263c7d0e6dacf4371892c991d7ae35cdbe5f4c87d69d4506498f86
This Metasploit module exploits a vulnerability found in Sysax's SSH service. When a long username is supplied, the SSH server copies that data onto the stack without proper bounds checking, allowing remote code execution under the context of the user. Please note that previous versions (before 5.53) are also affected by this bug.
4c79bc67dd01aa9c6f086a33e5e924a0b8feec60ac0ce68bacb83a81e643b256
Secunia Security Advisory - Debian has issued an update for plib. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
062baec2ccd14826ea060543332c49e6cf4e93bb307e5ea2d1bd6152901506bf
Secunia Security Advisory - A vulnerability has been reported in Refinery CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
4e433f68592f72d3d7f1949adfc6dd83d689e5ae69d72da1198573d277a322ea
Secunia Security Advisory - Debian has issued an update for movabletype-opensource. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose sensitive information and compromise a vulnerable system and by malicious people to conduct session hijacking, cross-site scripting, and cross-site request forgery attacks.
fdf07a2f47f0b896780d2fc0ed194cffa8131c64218cbae7ed5779ec74ef20a1
Secunia Security Advisory - A vulnerability has been reported in Parallels Plesk Panel, which can be exploited by malicious people to conduct SQL injection attacks.
25eb28f694bc47be7ded7a5b133263b7d7d8b252f5303fa2a187951b39df9157
Secunia Security Advisory - A vulnerability has been reported in the Witze addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks.
ffc5ef0672c3dc0b09eef95981a013b8785bbc3f4fa30ac110036be49fc2fc11
Toronto Web Design suffers from a cross site scripting vulnerability.
469b950fab3a913816f7a78be0c0c5769e996236773cce5d5008bc8a489a89ed
Jhwebstudio suffers from a cross site scripting vulnerability.
4e064aae257ace6ea73fa453639ca5842a8464f8a063e80d443136e3c2688db4
Secunia Security Advisory - Two vulnerabilities have been discovered in RivetTracker, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
ba094eb7d07f2e24dba29c7ad9b63c7d425928f7d175522ca8d4ffa2a787f5ab
Secunia Security Advisory - Debian has issued an update for libxml-atom-perl. This fixes a vulnerability, which can be exploited by malicious people to potentially disclose sensitive information.
51c77e17c64624a02c1d6ad96a52d91f1b5e5a4752e7a45deae9228de184095a
Secunia Security Advisory - Two vulnerabilities have been discovered in AjaXplorer, which can be exploited by malicious people to disclose potentially sensitive information.
82d1724348ec2fdd45b1209d4347435d4e7e229fc02e33fe68b8ccad0673d5c9
Secunia Security Advisory - A vulnerability with unknown impact has been reported in Novell ZENworks Configuration Management.
759423f080b34dd26675c4324e18342e9362c5f703b85a360b333a771a8ec11c