Dora Emlak Script version 1.0 suffers from an administrative bypass vulnerability.
4047997966d1b0e5e341c6d3a3eb210f599cbf3e3061b4719eb277c1aaff2925
Secunia Security Advisory - Some vulnerabilities have been reported in MDaemon, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.
edf4f6b05952076f79f675f6b73d19de37f806e58b45ff40ce877f5d1bc14d5c
The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.
96288d159c287c058009d8e91825a92c22beb920a6169e740a20af44b919357b
Mandriva Linux Security Advisory 2012-138 - Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask. A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. The updated packages have been patched to correct this issue.
0bc07732113abfe4a4d47247e6e85dbe5ba0d3f2ba67d9ce240dd0715687d2eb
Mandriva Linux Security Advisory 2012-137 - Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges. Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask. A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. The updated packages have been patched to correct these issues.
bf64566f3857d8378c5f530d05dddf5ae935df9d405244ca913d69759b5cc8fb
Mandriva Linux Security Advisory 2012-136 - Multiple cross-site scripting vulnerabilities was discovered by using the Database structure page with a crafted table name. This upgrade provides the latest phpmyadmin version to address this vulnerability.
4f113b7473341f4b5b1404d9fbf72c22dd8466370f6b383c45f0eb638cb6c89e
Lsoft ListServ version 16 suffers from a cross site scripting vulnerability. The issue is fixed in WA revision r4276.
ffe1f02e0f063983d7edcebebc145edd536e5798c84727d1e438b00cb820d5c1
Hastymail2 Webmail version 1.1 RC2 suffers from a stored cross site scripting vulnerability.
e5603aa49a000259245c4d8c25c238c4b532a5ced67a9626f40e89c41de66dc6
T-dah Webmail version 3.2.0 suffers from stored cross site scripting vulnerabilities.
f849cce7db945350fcf31a0846493b9158d0a5016e1c297b052c01017c41218b
There is an arbitrary command execution vulnerability in the scriptfu network server console in the GIMP 2.6 branch. It is possible to use a python scriptfu command to run arbitrary operating-system commands and potentially take full control of the host.
6bb8abc35df548c551fcf9ff102ee8db444b1e273993fe8a725e91885c36da04
ManageEngine OpStor version 7.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
0d32814a7c7e07a67aa2e95cf6174ae8d8c2d00a3fc33f9753921e77bd33d89f
Roundcube Webmail version 0.8.0 suffers from multiple stored cross site scripting vulnerabilities.
6dfa0a7ef6c176b11b524cca79272af01deb78987c2cd19c827f958047b30f1e
Nike+ Panel and Mobile App suffers from multiple cross site scripting vulnerabilities.
318952fc36f8ecd15a627349d8609286daecfc86c7dc03596b132349ec1fbeed
ShopperPress WordPress theme version 2.7 suffers from cross site scripting vulnerabilities.
491c4ea2642b413280ac3851a6e53813f20e256059abdc11931d3d115eea5543
Social Engine version 4.2.5 suffers from input validation and cross site scripting vulnerabilities.
9cccc1f1afba3410682d642eec4bfad1139cc84cd5e5a5d4b0b60db0352e87f2
Secunia Security Advisory - A vulnerability has been discovered in RoundCube Webmail, which can be exploited by malicious people to conduct script insertion attacks.
b721f20d6cb0edd03301b0a7b67cc066cf4228efb6aacd786bed621d160d5e47
Secunia Security Advisory - A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to conduct script insertion attacks.
6206f9b456f976185dfbf29eddaa5d17c527e68d821d2ca6e7f9c489dbbe2901
Secunia Security Advisory - Some vulnerabilities have been reported in TYPO3, which can be exploited by malicious users to conduct script insertion attacks, disclose sensitive information, and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.
a8da39ec795d458b751baf8f596c08c5b8787657117a6a3448e652865893bd96
Secunia Security Advisory - SUSE has issued an update for opera. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
4a0a1b4903894469bff498da1a1de032a7ea6158e3482a326613ddf0ff53b8a1
Secunia Security Advisory - Justin C. Klein Keane has reported two vulnerabilities in the HotBlocks module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and cause a DoS (Denial of Service).
fd66d289c29962cfb58bf6dff524d5a580cb93c94046532983e4247cd4e04963
Secunia Security Advisory - High-Tech Bridge has discovered a vulnerability in Jease, which can be exploited by malicious people to conduct cross-site scripting attacks.
5f4d5743028f542ee686cdc1ac604ca3c51831169ece42241f8efba41f6b1867
Secunia Security Advisory - A vulnerability has been reported in the Elegant theme for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
d2854560cddfa61cfe86ceecb80c48718450d1c7f41c5dd9b2a5bee6ad23de4b
Secunia Security Advisory - A vulnerability has been reported in the RSVPMaker plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.
1308c5365a8a6322182004b702e1cffdb5aa396feec096ae18a853239f2a9478
Secunia Security Advisory - Justin C. Klein Keane has reported a vulnerability in the Custom Publishing Options module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
cc35b5266f1d0b8ceb2030857739c796b62542e3b08fdf9ae6beacedabc27687
Secunia Security Advisory - High-Tech Bridge has discovered two vulnerabilities in Jease, which can be exploited by malicious people to conduct cross-site scripting attacks.
144c35ba8c91be8c7efe883052c59629094be2e6cc6832f36e74ed09cced6c95
Secunia Security Advisory - A vulnerability has been reported in IBM Lotus Sametime, which can be exploited by malicious users to conduct script insertion attacks.
4a6db069761d8663aef5f77c93d75b1227ef014fa08b0e34c2a48a57816cc4fd