CVE-2013-10071

Nagios XI versions prior to 2012R1.6 contain a reflected cross-site scripting XSS vulnerability in the dashboard dashlet AJAX load functionality. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's...

CVE-2011-4538

Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings...

OneFileCMS Arbitrary PHP Code Execution Vulnerability (CNVD-2018-13553)

OneFileCMS is a lightweight CMS system. The system runs on PHP and JavaScript and includes features such as document editing, file uploading and file management. A code execution vulnerability exists in the onefilecms.php file in OneFileCMS version 2012-04-14 and earlier. An attacker can exploit...

Telerik UI for ASP.NET AJAX Q3 Absolute Path Traversal Vulnerability

Telerik UI for ASP.NET AJAX Q3 is the development version of the famous ASP.NET commercial control. An absolute path traversal vulnerability in Telerik UI for ASP.NET AJAX Q3 prior to 2012 SP2 allows remote attackers to execute arbitrary code by writing an arbitrary file to the full pathname of t...