Zoho BugTracker suffers from multiple stored cross site scripting vulnerabilities.
5f84abf0fd32b20d83731d75e8fa472c4d86148ea3ded99941f4e9ec38a9a318
Family Connections CMS version 2.3.2 suffers from stored cross site scripting and XML injection vulnerabilities.
560b3b3d4d08ff3156aae5a09cf91b31f8fe7ef39a5cb6cabff71d7f147a2fbf
Microsoft Source Code Analyzer for SQL Injection is a static code analysis tool for finding SQL Injection vulnerabilities in ASP code. The package suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exists due to the improper permissions, with the "C" flag (Change(write)) for the "Everyone" group, for the binary file msscasi_asp.exe and the package itself, msscasi_asp_pkg.exe.
985f1b8a0c9c7170bfff235022459884dade76cc7504b5ccb7d597a030b5d2e8
Pointter PHP CMS version 1.2 suffers from cross site scripting, local file inclusion, and remote SQL injection vulnerabilities.
9576e04112b662072178f9e55b2f30889f73467a6b27a79f96dc6bffd32f2b9b
Constructr CMS version 3.03 suffers from cross site scripting and remote SQL injection vulnerabilities.
a4224d4b86b1a571f0f86d7e8a69d82fa301a58aad20b4eff53030bccf77f96d
eXPert PDF Reader version 4.0 suffers from a NULL pointer dereference and heap corruption denial of service vulnerability.
290623376432a2f10c80421fb38a2d32682190ff9321dac7e355092b1f5512ff
Nitro PDF Reader version 1.4.0 remote heap memory corruption proof of concept denial of service exploit and advisory.
6f7251db7965fc6a2cb851fe9fe21e4f69d15e09dae81c217b971fb2bc6b0484
Elecard MPEG Player version 5.7 local buffer overflow proof of concept exploit.
e924badb6b079b6080a73804ebae6bfddae61d8bb4d1cbcdd18b7b2f41db3392
WinMerge version 2.12.4 project file handling stack overflow exploit.
a90d518f4b58a2d90381a86b1328947e877d00adeda5abb3f18c2dbec603cfa5
phpBugTracker version 1.0.5 suffers from multiple reflective cross site scripting vulnerabilities.
e653f2dcaa267e5788cce847b1b903fcb155cef35150ac6fd4a767c3f855861d
GAzie version 5.10 suffers from cross site scripting and remote SQL injection vulnerabilities in the login_admin.php script.
ead13b30d80bb3f7501f40846fd76e17b90bc050e548377ff399f21d2a1dece6
AutoPlay version 1.33 local buffer overflow exploit that creates a malicious autoplay.ini file.
3d6ec4b37f5393ccc419eac3e4e7edbdd77b47c7d203d69da6130e06a397a565
MG2 version 0.5.1 suffers from multiple cross site scripting vulnerabilities.
d9e1492757a88b8aae40695552fa07b4741b360277a7016b7540c93273f43c48
Pixelpost is vulnerable to an SQL Injection attack when input is passed to several POST parameters (findfid, id, selectfcat, selectfmon, selectftag). The script (admin/index.php) fails to properly sanitize the input before being returned to the user allowing the attacker to compromise the entire DB system and view sensitive information. Version 1.7.3 is affected.
058b005df3b48a0a2f6526e2d72d4ad64a02ed8dbdd5a5eeac880138515851eb
Oracle MySQL Eventum versions 2.2 and 2.3 suffer from cross site scripting and script insertion vulnerabilities.
b8ee58ea46776bf446728edd538964f323d61acaa892fd2e07c381ecb17a66c4
Pixelpost version 1.7.3 suffers multiple persistent cross site scripting vulnerabilities.
fcc972c67a58e71be958caa6666fcacbebf4d166d7acba0ba6ff664163a286c6
TaskFreak! version 0.6.4 suffers from multiple cross site scripting vulnerabilities.
d4a82eb8408d5ef509ea24f2ea5421f7b3a38bce8f7fc498a71d10bc4d78a3b1
CultBooking version 2.0.4 suffers from a local file inclusion vulnerability.
24bcdd6125c7cc4b3d51be8dee944fb8ce491872476affee2bd28200a712e6f8
CultBooking version 2.0.4 suffers from cross site scripting vulnerabilities.
24e1154c89c42c178796c636bb67c5e08c8ad7b7e1f4211c0ba0b0ae79186a25
Embedthis Appweb Web Server version 3.2.2-1 suffers from a cross site scripting vulnerability.
3bf0eb7266128b20d987e0ca5fdc2ac3b08bde1c94aa4b5000b8e3bb3f0ca62a
MantisBT versions 1.2.3 and below suffer from cross site scripting and path disclosure vulnerabilities.
18a95d91ab5662bc9da22edd42c6085d143c012493617b0a9f216e4bbb8cd78e
MantisBT versions 1.2.3 and below suffer from a local file inclusion vulnerability.
abf8514ede0418cc0812ff5542f8637869d485480ee17472e692434df0836263
MODx Revolution CMS version 2.0.4-pl2 suffers from a cross site scripting vulnerability.
ee4eae9c7c2d3ad655590094df23afa0c31e8588b46ce611a9158231283e7fd9
Native Instruments Service Center version 2.2.5 suffers from a local privilege escalation vulnerability.
17003a3d3ba0281c940bdee33302d7f863117f4222be5fa9fc977e0d2d38b948
Native Instruments Massive version 1.1.4 suffers from a KSD file handling use-after-free vulnerability.
c2b308fa8e87b18b73cb43c68ad32dee80d98ad144657ee759f5045112df0d0f
Native Instruments Kontakt 4 Player NKI File Syntactic Analysis buffer overflow proof of concept exploit.
70713be9f719b9fb02eb8d297e9b7609df428c484244c571482402333e7b586f