NUUO CMS suffers from directory traversal, predictable session token, unauthenticated remote code execution, and various other vulnerabilities. Multiple Metasploit modules are included, and various versions are affected by the various vulnerabilities.
273126839ae6bdeeeeb0b494ac7067a5ea7b4bb5683ea0378c2a64b28c581aee
Comodo KORUGAN VM version 1.9.3.1100 suffers from a cross site scripting vulnerability.
4059938ac15f2eca55766806c261462f51e46febafedc6874fb69a35f071ac1d
Comodo KORUGAN LITE version 1.6.5.1024 suffers from a cross site scripting vulnerability.
20fd6a3e24bd8a9edc23f93237d0666efa26d69931d53e08905f4a4b6ddbf8e5
SIDU version 6.0 suffers from a cross site scripting vulnerability.
535d0c4a982aea18261fe5fd0a29740c91e6b956c6857417ef9ebcb4501894f5
CA Technologies Support is alerting customers to multiple potential risks with CA Service Desk Manager. Multiple vulnerabilities exist that can allow a remote attacker to access sensitive information or possibly gain additional privileges. CA published solutions to address the vulnerabilities. The first vulnerability is due to how survey access is implemented. A malicious actor can access and submit survey information without authentication. The second vulnerability allows for a malicious actor to gain additional privileges. Versions affected include 14.1 and 17.
9ba0f3156ca4ef2fdaac0d90ab7af006a48e5ef4050d91ef8d697f03ef84ab2c
Joomla Akeeba Backup component version 6.3.3 suffers from a database disclosure vulnerability.
17c785af53f0493ded4860be2cd3ebdcb2f35406cf2f376b63c5dd291dc98fd8
PHP Dashboards NEW version 5.8 suffers from a local file inclusion vulnerability.
3280d5c4d2f436e80da39c68f6eba1485c4297c57a489c5a6ae152f340bd0901
GattLib version 0.2 suffers from a stack buffer overflow vulnerability.
abc54a3ecb91a2f0c11413922e317fa0853914846776f05005e2f5cdc2583758
Adianti Framework version 5.5.0 suffers from a remote SQL injection vulnerability.
010e627d64f5f952567bf00e07672e5bb06c82afd6a39088a57ef7810825c56a
PHP Uber-style GeoTracking version 1.1 suffers from a remote SQL injection vulnerability.
6ae8a208f48717a7abddda53b592943cd7e0f266d2e5b674878047df3433d805
Reservic version 1.0 suffers from a remote SQL injection vulnerability.
e7bf79dd6baeaf3ee48288a27d4325658ee164fe3ad3a230dc7ffedf26f62654
PHP Dashboards NEW version 5.8 suffers from a remote SQL injection vulnerability.
5663b35e5355f0518c00fbe649c34ea605bdb172ce5420b7a86c31749551e8de
MoneyFlux version 1.0 suffers from a remote SQL injection vulnerability.
e88bfcd1a3776079adc80c9af0cbc686aa7473fd4a313901b99328e37a4ebc1a
Echo Mirage version 3.1 suffers from a buffer overflow vulnerability.
9326d315ec003fa28a1758a635ac1c55c2d3831e4b84487fbc25b19dcc1c0531
Call For Papers for Positive Hack Days 9, which will take place in Moscow, Russia.
361bafb94ea84f9f4968269436de9cb71d056331a162bc3ec6cb2779d1994a43
Open-Xchange OX App Suite suffers from cross site scripting and server-side request forgery vulnerabilities. The vulnerabilities span a multitude of versions.
24e2155c543cabcd184eee8f58682b0f7854489ae93e4d51a85b793fe3464e40
Coman Company Management System version 1.0 suffers from a remote SQL injection vulnerability.
d8dbbd9b8a345a2d4926e69833a3afd4b8b264350c70b719784964f7a6f0484c