Flexible Poll version 1.2 suffers from a remote SQL injection vulnerability.
ab2d7954158d6766af2d99a86cd8f7f0e21ca946b137c93bd422c4dbad85e088HP Connected Backup versions 8.6 and 8.8.6 suffer from a local privilege escalation vulnerability.
4ec9745a0caf80870df4736931099f57d3387759529f891827958c5514239ef7Easy Car Script version 2014 suffers from a remote SQL injection vulnerability.
707b4d0a2d9f8df9e20545af52cec5f66718e2bbfe631de8bcb7b7d9a3360c20RSVP Invitation Online version 1.0 suffers from a cross site request forgery vulnerability.
6301753a236a73677d022addf607d8aa1e08dec6774a2ca30239f6fa3bd7260aAffiligator version 2.1.0 suffers from a remote SQL injection vulnerability.
47a6807383be74706ce40c80dd66dc2caaea26a0d898ec51aebc271609ebe389LiveCRM SaaS Cloud version 1.0 suffers from a remote SQL injection vulnerability.
8a258f3994f63a36cb6aa95f18cdb198aee610909d7b955f871f08a8182e316eOTRS versions 5.0.x and 6.0.x suffer from a remote command execution vulnerability.
23fe45cabaca7cc03e2a146ba871fc0b22ff7ab6b10b14757a820e061c0f32dbPHPFreeChat version 1.7 suffers from a denial of service vulnerability.
099939bf72123543b3b8464c19b21e1cd162462d82fc6a640e32d95821c26d5fWhitepaper called Hardcore SAP Penetration Testing.
986b9f90a45b4f44d94014583a6977f3c90b0e20588aec50916aef9f9e0baf39Stok Takip version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3e3c47c39d6e7d2cb47bf2481753a2206cf561455c8212b6ffff3035e57dc1c5CMS Made Simple version 2.2.5 suffers from a reflective cross site scripting vulnerability in /admin/moduleinterface.php.
8e7f9e7b0ab030d9e463fb4e3b5c3184be7935f54ee3013b451d283dbf0b9b96CMS Made Simple version 2.2.5 suffers from a reflective cross site scripting vulnerability in /admin/moduleinterface.php.
f6981913ae80d9b223c59d482d07ff8b0c74e6c77731b521a8667141c7591afeCMS Made Simple version 2.2.5 suffers from a persistent cross site scripting vulnerability.
48015b3e10000429dc080fa3869edc8023e0b99b27310b904d0c39191aceb172Netis-WF2419 version 3.2.41381 suffers from a cross site scripting vulnerability.
bc73631df2ec9110c1bf80c502df4b7fb26a01a43e50d7304c938671b05798f2Ubuntu Security Notice 3543-2 - USN-3543-1 fixed vulnerabilities in rsync. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that rsync incorrectly handled certain data input. An attacker could possibly use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
5323891febd654fdc5e5b61cadd1f7d96d80d249af427395772c5e5365b4cdcfUbuntu Security Notice 3543-1 - It was discovered that rsync incorrectly handled certain data input. An attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that rsync incorrectly parsed certain arguments. An attacker could possibly use this to bypass arguments and execute arbitrary code.
88b932fc345888256e893075168ff8d11ebdd8f06d8807908946b70728afa8beRed Hat Security Advisory 2018-0116-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.
24f1289855623d5eb0b551436f7ec8455fb2491f28690d7224baebcf36782aebHPE Security Bulletin HPESBHF03805 7 - On January 3 2018, side-channel security vulnerabilities involving speculative execution were publicly disclosed. These vulnerabilities may impact the listed HPE products, potentially leading to information disclosure and elevation of privilege. Mitigation and resolution of these vulnerabilities may call for both an operating system update, provided by the OS vendor, and a system ROM update from HPE. Revision 7 of this advisory.
94411ff231e0a5b8a3ee2841348b7cac92c5c35fdf9e1a30ff3519eb7d291886Debian Linux Security Advisory 4094-1 - It was discovered that Smarty, a PHP template engine, was vulnerable to code-injection attacks. An attacker was able to craft a filename in comments that could lead to arbitrary code execution on the host running Smarty.
10d1177f7e54651d534936029798276dcc8f90250251e3e03899860e929c0e1eSerhat Sozluk version 5 suffers from a cross site scripting vulnerability.
70f6af47ab12c1029ac0faa9a99109e9a839a119beea20cc973414101e403c06PayLink version 3.0.1 suffers from a cross site scripting vulnerability.
6bb54021bce97aa6ea9cde6c4f2f502574469fc940573cdc94b7f792539dad3b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed