Zoho BugTracker suffers from multiple stored cross site scripting vulnerabilities.
5f84abf0fd32b20d83731d75e8fa472c4d86148ea3ded99941f4e9ec38a9a318
Online Grades version 3.2.5 suffers from multiple cross site scripting vulnerabilities. The issue is triggered when input passed via multiple parameters to the 'admin/admin.php' script is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
97dac1462d3751baa282b6d6356f3f5c1af9936b2fe7fc9e1f21af38da27da98
PG eLMS Pro version DEC_2007_01 suffers from multiple remote blind SQL injection vulnerabilities.
f33c1f60fe48012757d4de9d5b369cbdd1b4511201f7d9fa55519f099d092a34
PG eLMS Pro version DEC_2007_01 suffers from multiple POST cross site scripting vulnerabilities in contact_us.php.
3cb7f482a30aa8222e39a62050d674c0b4201c4a9b953dc76fb7e986a91915bf
TCExam versions 11.2.011 and below suffer from multiple remote SQL injection vulnerabilities.
914e1468f043c743fbcb3539d34a062ed28fec35ba1be0ed6dab33cd0deb9e05
TCExam versions 11.2.011 and below suffer from multiple pre and post auth cross site scripting vulnerabilities when parsing user input to multiple parameters via GET and POST method in multiple scripts. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.
124989b21ffded644a3bd7fb5253e0bf4a9f3a0f8cf17bb80608ab44fd14748f
Tugux CMS version 1.2 remote arbitrary file deletion vulnerability.
b322ce3279d241071e6638005f0f9486916adab50fcebbdaf25046904c8aa330
ESTsoft ALPlayer version 2.0 suffers from a buffer overflow vulnerability. It is caused due to a boundary error in the processing of a playlist file, which can be exploited to cause a stack-based buffer overflow when a user opens e.g. a specially crafted .asx file. Successful exploitation may allow execution of arbitrary code.
5a582f57cd6e6df287f9f89eb693be5d651a9317c7ec5a7a9f97332fdc138cd4
Valve Steam Client Application version 1.0.968.628 suffers from an elevation of privilege vulnerability: an unprivileged user can replace the executable file with a binary of their choice.
f07cacb244ba2aac638b1faad553f41232c12f69350fa60ab20117331e3e88cc
NetServe Web Server version 1.0.58 suffers from denial of service, cross site scripting, various inclusion vulnerabilities and more.
57730836287f5775bff301c266cccc018712462def19a33875a91e36190e4b13
Sitemagic CMS suffers from an XSS vulnerability when parsing user input to the 'SMExt' parameter via GET method in 'index.php'. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.
8e9bd0f1156742f2d83faa0606fca5304a8e3b055624c9077f24c1a8e274c310
Pacer Edition CMS version 2.1 suffers from a local file inclusion vulnerability.
5bbc400a3b056ed47a8368ad140f7af63b51536812fa050098dffb2917feeca0
Pacer Edition CMS suffers from a cross site scripting vulnerability when parsing user input to the 'email' parameter via POST method in 'admin/login/forgot/index.php'.
64bc139cdd713e79b7734f3138011ce6e67d334d1b7864e2e6bdfe1443bb8d2f
Pacer Edition CMS version 2.1 remote arbitrary file deletion exploit.
fdecec4cbc4da2ca8fcd5a0044f5cd5bc62041abb616b0c109cf1b0546d42c3d
Ushahidi version 2.0.1 suffers from a remote SQL injection vulnerability.
d01cdcded440360442982a5fb7af9499f790a2c758263ac5ac1fa99bf04e8d80
Kentico CMS version 5.5R22.23 suffers from a cross site scripting vulnerability.
9f11fec3060e9fb15201282364d5cc0bf0d5d681f43c5b204bee3e6115fd40af
Tugux CMS version 1.2 suffers from cross site scripting, local file inclusion, URL redirection, and remote SQL injection vulnerabilities.
b5b2ff3bd99d5a8b947cc3f1d1e8127651974a13726a26182e02c17102388137
Adobe Audition version 3.0 build 7238 suffers from a buffer overflow vulnerability when handling a .SES (session) format file. The application fails to sanitize user input, resulting in memory corruption that overwrites several memory registers and can allow an attacker to execute arbitrary code or cause a denial of service.
9b67de74e1b59979e50e46473885f2db10f38f73ea7066d0c426d94586d1f897
Dreambox versions DM500, DM500+, DM500HD, and DM500S suffer from a file download vulnerability via directory traversal, triggered by appending the '/' character in an HTTP GET request to the affected host address. An attacker can obtain sensitive information such as paid channel keys, usernames, passwords, config and plug-in info, etc.
7de9ae16a5edaef40053e9ca76b575139e48f8e65b6eb897bc0e17c7605f45dc
The Gesytec ElonFmt ActiveX control module suffers from a buffer overflow vulnerability. When a large buffer is sent to the pid item of the GetItem1 function in the elonfmt.ocx module, a few memory registers get overwritten, including the SEH. Proof of concept exploit included. Version 1.1.14 is affected.
d243509ba1defdb6a43cd5e44c3842fe251b3364720483e0de16bec5c0e5ef92
docuFORM Mercury versions 6.16a and 5.20 suffer from multiple cross site scripting vulnerabilities.
04fd5a5de85dc05c646203a774ae5ea162a41d6deb351adee000c5cda968c91d
Help and Manual Professional Edition version 5.5.1 ijl15.dll DLL hijacking exploit.
ed443b5344c664ad0b6e377f3582578ad1f8a8c439eea4320164fd0a63b67c77
Anfibia Reactor version 2.1.1 suffers from a cross site scripting POST injection vulnerability in login.do.
586debeac011f1b5df9fe27f6bebf0c0142a76112f15487253577175eb3505c0
TutorialMS version 1.4 suffers from a remote SQL injection vulnerability.
05dc88cc41754a5b425398dbff864e6b5d579f95a6559c9bfbdc906f75486443
DoceboLMS version 4.0.4 suffers from multiple cross site scripting vulnerabilities.
f05d2fc8f18a0ffba23d0c365e3e620e537c53fcdd2ae8528167afa9108942cd
Antamedia Internet Cafe Software version 7.1 suffers from a DLL hijacking vulnerability.
2cfaa2ba266c95b6c2c1ccc52ea1a90642d2fe2083343a19e2517a9131ab83a4