Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion

No description provided by source...

atvise webMI2ADS Web Server <= 1.0 - Multiple Vulnerabilities

No description provided by source. Luigi Auriemma Application: atvise webMI2ADS - Web server for Beckhoff PLCs http://www.atvise.com/en/atvise-downloads/products Versions: = 1.0 Platforms: Windows XP embedded and CE x86/ARM Bugs: A directory traversal B NULL pointer C termination of the software ...

CVE-2013-4581

The CVE-2013-4581 entry is supported by concrete details across multiple sources: GitLab versions affected include GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1, and gitlab-shell before 1.7.8. The vulnerability allows remote attackers to execute arbitrar...

CVE-2014-0811

Cross-site scripting XSS vulnerability in Blackboard Vista/CE 8.0 SP6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in Blackboard Vista/CE 8.0 SP6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-0811

CVE-2014-0811 : A cross-site scripting (XSS) vulnerability affects Blackboard Vista/CE 8.0 Service Pack 6 and earlier. The issue allows remote attackers to inject arbitrary script/HTML via unspecified vectors in the web interface. Impact is browser-script execution; remediation per sources is to ...

CVE-2014-0811

Cross-site scripting XSS vulnerability in Blackboard Vista/CE 8.0 SP6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

China digital IDC Management Platform is not weighted limit authentication-vulnerability warning-the black bar safety net

China digital IDC management platform to address leaks lead to a lot of ip leakage Looks like CE Dongli, new network are China digital's Detailed description: http://119.10.114.29/index1.php http://123.100.0.42/ !...

Unprotected Windows CE Console (Telnet)

The remote Windows CE Telnet Console is not protected by a password. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[Netsparker Community Edition v2.5.2.0] Released!

Netsparker Community Edition is a SQL Injection Scanner. It’s a free edition of our web vulnerability scanner for the community so you can start securing your website now. It’s user friendly, fast, smart and as always False-Positive-Free. It shares many features with professional edition. It can...

SugarCRM Community Edition 6.5.2 (Build 8410) Multiple Vulnerabilities

Exploit for php platform in category web applications SugarCRM Community Edition 6.5.2 Build 8410 multiple vulnerabilities Brendan Coles http://itsecuritysolutions.org/ 2012-07-26 There are multiple security vulnerabilities in SugarCRM Community Edition 6.5.2 Build 8410 which may allow an attacke...

Liferay 5.x / 6.x Cross Site Scripting

Multiple xss issues in Liferay Description: Liferay Portal is an enterprise portal written in Java Multiple xss vulnerabilities where found in liferay. Because liferay has a "remember me" option in their login screen that stores an encrypted password in a cookie this is more problematic than it...

Liferay Portal Privilege Escalation

Liferay users can assign themselves to organizations, leading to possible privilege escalation Description: Liferay Portal is an enterprise portal written in Java Due to insufficient permission checking in the updateOrganizations method of UserService any user can assign hem or her self to any...

Heap overflow

Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA...

Heap overflow

Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA...

Code Execution and FPD vulnerabilities in Simple:Press Forum for WordPress

Hello 3APA3A! I want to warn you about multiple security vulnerabilities in plugin Simple:Press Forum for WordPress. These are Code Execution and Full path disclosure vulnerabilities. Code Execution WASC-31: Execution of arbitrary code is possible via TinyBrowser. As I already told concerning...

atvise webMI2ADS Web Server 1.0 - Multiple Vulnerabilities

Luigi Auriemma Application: atvise webMI2ADS - Web server for Beckhoff PLCs http://www.atvise.com/en/atvise-downloads/products Versions: = 1.0 Platforms: Windows XP embedded and CE x86/ARM Bugs: A directory traversal B NULL pointer C termination of the software D resources consumption Exploitatio...

CVE-2011-3825

Zend Framework 1.11.3 in Zend Server CE 5.1.0 is affected. A vulnerability allows remote attackers to disclose sensitive information by directly requesting a .php file, which reveals the installation path in an error message (as demonstrated by Validate.php and related files). The description fro...

CVE-2011-3825

Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files...

SaurusCMS-CE (CommunityEdition) v4.7 Multiple Vulnerabilities

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...