DirPHP version 1.0 suffers from a local file inclusion vulnerability.
f922f10049cb2b15a1b16614078725aebb5d95d2cdee5216b779aaa91992d8b9
Barracuda Networks Spam and Virus Firewall version 5.1.3 suffers from a cross site scripting vulnerability.
fd6bc76304668027f8977a257f29b78b7d5fd39378c30f51b54a32ea8719b644
Android's SDK suffers from a SQL injection vulnerability in the delete() method.
046033dbaaf5bdd27428cd7cdb0cfd8935c69d769ad6e6b0e0901db8c882e245
CMSimple version 4.4.4 suffers from code execution, default credential, and remote file inclusion vulnerabilities.
546f3b040627c929621993bc0ed2e5a06d948532cc8351e131db507ae36d5b75
MasterCard.com.au suffers from an open redirect vulnerability.
17091aa154924d37cfd73e3daf265786342f19af4f9ee46ad81527ff34d612aa
WordPress Slider Revolution Responsive plugin versions 4.1.4 and below suffer from an arbitrary file download vulnerability.
5741a1911337aab8b63be960a0944a5df6cd526dcc7be9097e32d2f40cfaa290
Sagem F@st 3304-V1 suffers from a denial of service vulnerability.
089e8d0a65adc5f8eab0b71bb5f705b88968a278bc59b169bca15e150f1b2b50
Some products from dtSearch Corporation suffer from DLL hijacking vulnerabilities.
87e83a726c488205e1c94f35efd7cb24908ceba7d6b5cee6a82f172f67229fee
WordPress Lead Octopus plugin versions prior to 1.1.1 suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data. NOTE: The author of this plugin has contacted Packet Storm and claims they have fixed this issue as of 2014/12/07. The fixed version is 1.1.1.
e229e4737c7358e8d3d774eb912c332444859671ff6cfb1f926797bc8f4fcf09
WordPress FBGorilla plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
f89f508dfe6ffe796d290addc918b30d1491a26d310f6cc72ac228fda1c72c98
WAF-FLE is a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle. The dashboard shows a graphical view of events, and when combined with the powerful drill-down filter allows quick searching for relevant events. Events can be viewed in detail, whether sent by one or many sensors.
b3f7747610c52ea609642dfb637bab2b5905b8c8511ebef2f9a36e5615ee1f1c
Viproy Voip Penetration and Exploitation Kit is developed to improve the quality of SIP penetration testing. It provides authentication and trust analysis features that assist in creating simple tests.
804f9b4c83d5ccb2b408d8d927fe6b3a91923b84aafe53f383b2a42e494bb041
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, vulnerability and malware scanning of Unix-based systems.
221a413d0954cf6378ce29e549e7de0c9a04592d9421e844d46dfd1b59d13a8c
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
3a8266ae401d355298c31567df9ddb852a88a6a4a046df54bb7ff50e1cacccaf
Bugzilla Security Advisory - Bugzilla versions 3.7.1 to 4.0.13, 4.1.1 to 4.2.9, 4.3.1 to 4.4.4, and 4.5.1 to 4.5.4 suffer from a cross site request forgery vulnerability.
cd0337a3196b87e65a4382c3d46665e5a07957324bbe8fa092ed144b51893ab0
Debian Linux Security Advisory 2989-1 - Several security issues were found in the Apache HTTP server.
6a2e0fe2e7dd2939b32d62124cbffac15ed98b20d36d18e10fd6076278bcd60c
Debian Linux Security Advisory 2988-1 - Ben Hawkes discovered that incorrect handling of peer messages in the Transmission bittorrent client could result in denial of service or the execution of arbitrary code.
9cd5b0aa71fa0a9673cbbc99e208e5bb93e7fd049bfa2868f05da44789369498
Netgear DGN2200 with firmware version 1.0.0.29_1.7.29_HotS suffers from a password disclosure vulnerability.
fe3616ab9fc7139749487df4bffe5aaae99e953e9bed6452c87d511fe27628fb
Moodle version 2.7 suffers from a persistent cross site scripting vulnerability.
959eea10516335cfd227b085fe290db6e24c09b51b65eae621a5fba7876d90e6
Zenoss Monitoring System version 4.2.5-2108 64-bit suffers from a persistent cross site scripting vulnerability.
b6b364b0ca0afa7eba0ab172d073556261e1df677443861f1f420ec11a947851
Easy File Sharing webserver suffers from a persistent cross site scripting vulnerability in the forum messages.
5fc2edb57adb417649cbb0813d961bc52ba43a0b6708d698727e55ceb5ae4c10
A vulnerability within the MQAC.sys module allows an attacker to overwrite an arbitrary location in kernel memory. This Metasploit module will elevate itself to SYSTEM, then inject the payload into another SYSTEM process.
c3dce854c36c28e545304c300892721f5fed0a84228f0ce24204cc34d072d2a6
BulletProof FTP Client 2010 suffers from a buffer overflow vulnerability.
a3e7475d74bd6f99e53fd8483d4127bbad6e74912100255cd47b89d09a52540d
Ubiquiti AirVision Controller version 2.1.3 suffers from an overly permissive default crossdomain.xml file.
6318c6697c238ece9eeaeec23969f86bf02a5ced36a26fc6cec3e4b648f18ab6
Ubiquiti UniFi Controller version 2.4.6 discloses the administrative password hash via syslog messages.
597a700074a9e5cd6247e5ed9af269ba563e594e93c3abd71b128f81eabf405e