Flexible Poll version 1.2 suffers from a remote SQL injection vulnerability.
ab2d7954158d6766af2d99a86cd8f7f0e21ca946b137c93bd422c4dbad85e088
HP Connected Backup versions 8.6 and 8.8.6 suffer from a local privilege escalation vulnerability.
4ec9745a0caf80870df4736931099f57d3387759529f891827958c5514239ef7
Easy Car Script version 2014 suffers from a remote SQL injection vulnerability.
707b4d0a2d9f8df9e20545af52cec5f66718e2bbfe631de8bcb7b7d9a3360c20
RSVP Invitation Online version 1.0 suffers from a cross site request forgery vulnerability.
6301753a236a73677d022addf607d8aa1e08dec6774a2ca30239f6fa3bd7260a
Affiligator version 2.1.0 suffers from a remote SQL injection vulnerability.
47a6807383be74706ce40c80dd66dc2caaea26a0d898ec51aebc271609ebe389
LiveCRM SaaS Cloud version 1.0 suffers from a remote SQL injection vulnerability.
8a258f3994f63a36cb6aa95f18cdb198aee610909d7b955f871f08a8182e316e
OTRS versions 5.0.x and 6.0.x suffer from a remote command execution vulnerability.
23fe45cabaca7cc03e2a146ba871fc0b22ff7ab6b10b14757a820e061c0f32db
PHPFreeChat version 1.7 suffers from a denial of service vulnerability.
099939bf72123543b3b8464c19b21e1cd162462d82fc6a640e32d95821c26d5f
Whitepaper called Hardcore SAP Penetration Testing.
986b9f90a45b4f44d94014583a6977f3c90b0e20588aec50916aef9f9e0baf39
Stok Takip version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3e3c47c39d6e7d2cb47bf2481753a2206cf561455c8212b6ffff3035e57dc1c5
CMS Made Simple version 2.2.5 suffers from a reflective cross site scripting vulnerability in /admin/moduleinterface.php.
8e7f9e7b0ab030d9e463fb4e3b5c3184be7935f54ee3013b451d283dbf0b9b96
CMS Made Simple version 2.2.5 suffers from a reflective cross site scripting vulnerability in /admin/moduleinterface.php.
f6981913ae80d9b223c59d482d07ff8b0c74e6c77731b521a8667141c7591afe
CMS Made Simple version 2.2.5 suffers from a persistent cross site scripting vulnerability.
48015b3e10000429dc080fa3869edc8023e0b99b27310b904d0c39191aceb172
Netis-WF2419 version 3.2.41381 suffers from a cross site scripting vulnerability.
bc73631df2ec9110c1bf80c502df4b7fb26a01a43e50d7304c938671b05798f2
Ubuntu Security Notice 3543-2 - USN-3543-1 fixed vulnerabilities in rsync. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that rsync incorrectly handled certain data input. An attacker could possibly use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
5323891febd654fdc5e5b61cadd1f7d96d80d249af427395772c5e5365b4cdcf
Ubuntu Security Notice 3543-1 - It was discovered that rsync incorrectly handled certain data input. An attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that rsync incorrectly parsed certain arguments. An attacker could possibly use this to bypass arguments and execute arbitrary code.
88b932fc345888256e893075168ff8d11ebdd8f06d8807908946b70728afa8be
Red Hat Security Advisory 2018-0116-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of the Jackson core streaming API. Security Fix: A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.
24f1289855623d5eb0b551436f7ec8455fb2491f28690d7224baebcf36782aeb
HPE Security Bulletin HPESBHF03805 7 - On January 3, 2018, side-channel security vulnerabilities involving speculative execution were publicly disclosed. These vulnerabilities may impact the listed HPE products, potentially leading to information disclosure and elevation of privilege. Mitigation and resolution of these vulnerabilities may call for both an operating system update, provided by the OS vendor, and a system ROM update from HPE. Revision 7 of this advisory.
94411ff231e0a5b8a3ee2841348b7cac92c5c35fdf9e1a30ff3519eb7d291886
Debian Linux Security Advisory 4094-1 - It was discovered that Smarty, a PHP template engine, was vulnerable to code-injection attacks. An attacker was able to craft a filename in comments that could lead to arbitrary code execution on the host running Smarty.
10d1177f7e54651d534936029798276dcc8f90250251e3e03899860e929c0e1e
Serhat Sozluk version 5 suffers from a cross site scripting vulnerability.
70f6af47ab12c1029ac0faa9a99109e9a839a119beea20cc973414101e403c06
PayLink version 3.0.1 suffers from a cross site scripting vulnerability.
6bb54021bce97aa6ea9cde6c4f2f502574469fc940573cdc94b7f792539dad3b