PT-2026-7479

The SlimStat Analytics plugin for WordPress is vulnerable to time-based SQL Injection via the ‘args’ parameter in all versions up to, and including, 5.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possib...

PT-2025-6714 · Immunity · Immunity Debugger

Name of the Vulnerable Software and Affected Versions: Immunity Debugger version 1.85 Description: A stack buffer overflow in the arguments parameter allows attackers to execute arbitrary code via a crafted input that exceeds the buffer size. This issue enables remote code execution...

Cross-site Scripting (XSS)

Overview resque-scheduler is a light-weight job scheduling system built on top of Resque Affected versions of this package are vulnerable to Cross-site Scripting XSS via the schedulejob or args parameters in the /resque/delayed/jobs/schedulejob?args=argsid URL. An attacker can inject malicious...

vBulletin decodeArguments serialized object vulnerability

Added: 04/15/2016 CVE: CVE-2015-7808 Background vBulletin is PHP software for building community websites. Problem A vulnerability in vBulletin 5 Connect allows remote attackers to execute arbitrary PHP code by placing a specially crafted serialized object in the arguments parameter to the...