PTCeffect version 4.6 suffers from local file inclusion and remote SQL injection vulnerabilities.
046f7baad0df2c97db124b073305bfd7178fb7f8669b3f780317d7b7cd245fde
WordPress WP JS External Link Info plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
2ef7d352f427a842088de677084fa9899cee9258a7e93dc579f0735225b1b6cd
DuBose Web Group CMS suffers from a cross site scripting vulnerability.
71fc0768bde71f8ebbdbbe0c157814ad3cc0a5fa917f48b9bb50ab643d3f4771
CMS Morpheus suffers from a remote SQL injection vulnerability.
8d433affecbd9083d6d0d5ca8cfe33d5979b68bdbcdc7f1c99de36806ed33f5e
Wapoweb suffers from a remote SQL injection vulnerability.
feaf5ba80725f4f6e2ddd10437fe2b53cbb2c78f89802475d977337e593513be
Indeziner CMS suffers from a cross site scripting vulnerability.
717c52498e9ce4c54be05a50b667515fa0a0f0fb8e8c1d545452c7a08217743b
This Metasploit module exploits a vulnerability found in the ActiveX component of Adobe Flash Player before 11.5.502.149. By supplying a specially crafted swf file with special regex value, it is possible to trigger an memory corruption, which results in remote code execution under the context of the user, as exploited in the wild in February 2013. This Metasploit module has been tested successfully with Adobe Flash Player 11.5 before 11.5.502.149 on Windows XP SP3 and Windows 7 SP1 before MS13-063, since it takes advantage of a predictable SharedUserData in order to leak ntdll and bypass ASLR.
b765e1a53957bbf2df1ce33a8e36732231faa2f5864b98a4ceb6d3e0804e069a