22 matches found
CVE-2022-37786
An issue was discovered in WeCube Platform 3.2.2. There are multiple CSV injection issues: the Home / Admin / Resources page, the Home / Admin / System Params page, and the Home / Design / Basekey Configuration page...
EUVD-2016-1882
Malware in sbrugna...
CVE-2020-13877
SQL Injection issues in various ASPX pages of ResourceXpress Meeting Monitor 4.9 could lead to remote code execution and information disclosure...
CVE-2015-9310
The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues...
WordPress Custom Related Posts plugin <= 1.7.4 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting (XSS) Vulnerability discovered by muhammad yudha in WordPress Plugin Custom Related Posts versions <= 1.7.4...
SUSE-SU-2022:2179-1 Security update for openssl
This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash (bsc#1200550)...
OPENSUSE-SU-2021:0677-1 Security update for exim
This update for exim fixes the following issues: Exim was updated to exim-4.94.2 security update (boo#1185631): CVE-2020-28007: Link attack in Exim's log directory; CVE-2020-28008: Assorted attacks in Exim's spool directory; CVE-2020-28014: Arbitrary PID file creation; CVE-2020-28011: Heap buffer overfl...
MGASA-2020-0357 Updated mutt packages fix security vulnerabilities
A potential IMAP Man-in-the-Middle attack via a PREAUTH response (CVE-2020-14093). Mutt was ignoring an expired certificate and was proceeding with a connection (CVE-2020-14154). A response injection due to a STARTTLS buffering issue which was affecting IMAP, SMTP, and POP3 (CVE-2020-14954)...
About the security content of Shazam Android App Version 9.25.0 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications. phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities. phpCollegeExchange 0.1.5c Multiple SQL...
Eye days shadow system of 0DAY-vulnerability warning-the black bar safety net
Author: st0p & My5t3ry Reprint please indicate the source: http://www.st0p.org Alas, and My5t3ry out of the hole, contact the official administrator, has been nobody handle me. The first said injection issues Vulnerabilities file as/pinc/hitsorder.asp ...
Pligg CMS 9.9.0 - Cross-Site Scripting Local File Inclusion SQL Injection
Pligg CMS 9.9.0 - Cross-Site Scripting Local File Inclusion SQL Injection GulfTech Security Research July 30, 2008 Vendor : Pligg LLC URL : http://www.pligg.com/ Version : Pligg alertdocument.cookie; The above example link would display the end users cookie to them. Of course this can also be use...
vSpin Classified System 2004 - 'cat.asp?cat' SQL Injection
source: https://www.securityfocus.com/bid/21190/info vSpin Classified System is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues could all...
bitweaver 1.x - '/newsletters/edition.php?tk' SQL Injection
source: https://www.securityfocus.com/bid/20988/info Bitweaver is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include multiple HTML-injection issues and multiple SQL-injection issues. A successful...
DUware DUamazon Pro 3.0/3.1 - 'type.asp?iType' SQL Injection
source: https://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...
CodetoSell ViArt Shop Enterprise 2.1.6 - reviews.php Multiple Cross-Site Scripting Vulnerabilities
CodetoSell ViArt Shop Enterprise 2.1.6 - reviews.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13462/info ViArt Shop is affected by multiple cross-site scripting and HTML injection vulnerabilities. These issues are due to a failure in the application ...
GLSA-200503-07 : phpMyAdmin: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200503-07 phpMyAdmin: Multiple vulnerabilities phpMyAdmin contains several security issues: Maksymilian Arciemowicz has discovered multiple variable injection vulnerabilities that can be exploited through '$cfg' and 'GLOBALS'...
PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/11329/info PHPLinks is reported prone to multiple input validation vulnerabilities. A file include vulnerability is reported to affect the 'index.php' script. This may allow an attacker to include and execute arbitrary PHP scripts. Code execution will occ...
Crafty Syntax Live Help 2.7.3 - Multiple HTML Injection Vulnerabilities
Crafty Syntax Live Help 2.7.3 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/10463/info CSLH is prone to multiple HTML injection vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data. The problem presents itself in various...