KLA10992 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader

Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to execute arbitary code and possibly cause a denial of service. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerabilities in the XML Forms...

WordPress Wow Forms v2.1 Plugin SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wow Forms v2.1 WordPress Plugin SQL Injection Exploit Author: TAD GROUP Vendor Homepage: http://wow-company.com/ Software Link: https://wordpress.org/plugins/mwp-forms/ Version: 2.1 Contact: email protected Website: https://tad....

DEBIAN-CVE-2016-9275

Heap-based buffer overflow in the dwarfskimforms function in libdwarf/dwarfmacro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service out-of-bounds read...

CVE-2017-6443

Cross-site scripting XSS vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the WAD1 parameter to Forms/oadmin1...

CVE-2017-6443

Cross-site scripting XSS vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the WAD1 parameter to Forms/oadmin1...

Cross site scripting

Cross-site scripting XSS vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the WAD1 parameter to Forms/oadmin1...

CVE-2017-6180

Keekoon KK002 devices 1.8.12 HD have a Cross Site Request Forgery Vulnerability affecting goform/formChnUserPwd and goform/formUserMng and the entire set of other pages...

Foxit Reader XFA Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA...

Foxit Reader < 8.2.1 Multiple Vulnerabilities

Binary data 9985.prm...

Ninja Forms < 3.0.31 - XSS

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a XSS security vulnerability...

WPS-Forms XXE vulnerability in xlsx parsing

WPS-Forms is an office software. WPS Forms suffers from an XXE vulnerability in xlsx parsing. This allows attackers to exploit the vulnerability to cause the disclosure of sensitive user information as well as a DoS Denial of Service on the user's system...

U.S. Dept Of Defense: Content-Injection/XSS ████

Summary: Hi, It is possible to inject content and vulnerable to reflected Cross Site Scripting. Affected domain: https://██████████ Used browser: Mozilla. Impact One of the most common XSS attack vectors is to hijack legitimate user accounts by stealing their session cookies. This allows attacker...

IBM Forms Experience Builder Server-Side Request Forgery Security Bypass Vulnerability

IBM Forms Experience Builder is a set of U.S. IBM's Web forms for creating Web site applications. A server-side request forgery vulnerability exists in IBM Forms Experience Builder versions 8.5, 8.5.1, and 8.6. An attacker could exploit this vulnerability to obtain information about internal...

CVE-2016-6175

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...

Design/Logic Flaw

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...

CVE-2016-6175

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...

UBUNTU-CVE-2016-6175

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...

CVE-2016-6175

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...

CVE-2016-6175

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...

CVE-2016-6175

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...