phlyLabs phlyMail Lite version 4.03.04 suffers from multiple stored cross site scripting vulnerabilities (post-auth) and path disclosure when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site and displaying the full webapp installation path.
25a22286a3e4d3870db201532bda79c08d9029a4a99ca5c0e6401a0b64d439a1phlyLabs phlyMail Lite version 4.03.04 suffers from an open redirect vulnerability.
e2efd1237f90dd37c0ff5bd1942b229f2c99e62152e8cb32996850ddfbd117d8Ad Rotator AdPeeps version 8.6.9 suffers from a persistent cross site scripting vulnerability.
48c300e005d98feed67fa72d39434f6a96687806617cb2d96317389d6c70eb0cA hand-crafted JSONP callback and response can be used to run arbitrary code inside client-side browsers via Adobe Flash in Apache CouchDB versions up to and including 1.0.3, 1.1.1, and 1.2.0.
5a2dd81bafd715b2feba5ff5376839517a8c160f8e3cf3ca974c5d881e77a6d6Apache CouchDB versions up to and including 1.0.3, 1.1.1, and 1.2.0 are vulnerable to a DOM based cross site scripting issue.
c4a4d0ab65eac5dc5149ee6760f776cab2bbc0d6b3d641a0e367abd408c3dd9fApache CouchDB versions up to and including 1.0.3, 1.1.1, and 1.2.0 are vulnerable to an information disclosure vulnerability via unescaped backslashes in URLs on Windows.
695edda9ff914489aa4029a5b2464d213b6047fda517767aad52f0a0fcaa41c1Allembru Ad Manager version 3.0.2 suffers from a persistent cross site scripting vulnerability.
c17d6ba03ce68cb494b6af0d86c15683782964c178fa3803ff14b4d5f4ad75abCalendar Script Easy Membership Management Application version 1.2 suffers from a persistent cross site scripting vulnerability.
16f16c1618bc031526405b1143082ceb9cb684dba30f827742446c5badeaceb5PHP Shop version 2.0 suffers from a remote SQL injection vulnerability.
bf2e314f6bee9de6279db4056fee862019967da75bdb7fcd33cb0af3c2bb5691The Serva version 2.0.0 DNS server suffers from a QueryName remote denial of service vulnerability.
b5cbd744342ad1eecd6b836f545154e91f162a2f846c7f9001896942b50d5e8dThe Serva version 2.0.0 HTTP server suffers from a GET remote denial of service vulnerability.
001b100a5c4e82ff91b36a959ef4c456faa5256c9837bae79b525146f1d84dc1Nibbleblog version 3.4 suffers from path disclosure and shell upload vulnerabilities.
4a9155a4b7e5e0064087bb554e20c312f71b9305a572fb44142bbcdc6c4fc503The WordPress Daily Edition Mouss theme suffers from denial of service, abuse of functionality, cross site scripting, information disclosure, and remote shell upload vulnerabilities.
335a5efd918ad47de67d9346c79676913e0a6826499a0695731fbd09eb8af336Secunia Security Advisory - A vulnerability has been reported in Siemens SIMATIC RF Manager, which can be exploited by malicious people to compromise a user's system.
faacb39d6a3cac8c7d70e42393bf2e09cf9409b060a0b1b339d78007c78d2addSecunia Security Advisory - Multiple vulnerabilities have been reported in BlackBerry Tablet OS, which can be exploited by malicious people to compromise a user's system.
54d0484e1c2d28aaf35a11e2a248871834c969081d90373cc6c620f0f648ce22Secunia Security Advisory - Avaya has acknowledged multiple vulnerabilities in Avaya Call Management System, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
09a11b28044c71bbddaa313fc071a739c35e8de1212ad7b9b74a3e9a950a1d63Secunia Security Advisory - Debian has issued an update for asterisk. This fixes multiple vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
179fc372320a7e448fa285a0234d88c70f9d2f504c368e82d5975eddcd6c1380Secunia Security Advisory - Debian has issued an update for proftpd-dfsg. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
b0c983cde9a088a4902b908c5eb38d51c7d09eff8f39961d241871fc7b25d3dbSecunia Security Advisory - IBM has acknowledged a vulnerability in IBM System Storage TS3310 Tape Library, which can be exploited by malicious people to cause a DoS (Denial of Service).
f0050afbc94d50e9868ab09c5dc5e1680e74237caa4b91ee042336b705d057aeSecunia Security Advisory - Digital Bond has reported two vulnerabilities in CoDeSys, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.
dcf7a3534ffb9faf2ce051cf83170867979126c1f8836ac7d4850377c63cdc69Secunia Security Advisory - A vulnerability has been reported in Icinga, which can be exploited by malicious people to compromise a vulnerable system.
ff7b750e9f710c07647b3cb3e4f5427880eb899941402013dcaa0e596343f78aSecunia Security Advisory - A vulnerability has been reported in the WP Photo Album Plus plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
d1d844f9fcb78daaa7eba2b8e8bbe4a6930cccaef784858964722727b35466f9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed