WordPress Events Made Easy plugin version 1.5.49 suffers from cross site request forgery and cross site scripting vulnerabilities.
>> ARCHIVE: 2015-10
If IExternalizable.writeExternal is overridden with a value that is not a function, Flash assumes it is a function even though it is not one. This leads to execution of a…
Kaboozu CMS suffers from a remote shell upload vulnerability.
Nibbleblog contains a flaw that allows an authenticated remote attacker to execute arbitrary PHP code. This Metasploit module was tested on version 4.0.3.
Nibbleblog File Upload Vulnerability
Adobe Flash IExternalizable.writeExternal – Type Confusion
Belkin Router N150 1.00.08, 1.00.09 – Path Traversal Vulnerability
Tomabo MP4 Player 3.11.6 – SEH Based Stack Overflow
WordPress Ajax Load More Plugin < 2.8.2 – File Upload Vulnerability
Apple Security Advisory 2015-10-15-1 – Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 are now available which address information compromise, arbitrary code execution, and various other vulnerabilities.