Month: December 2015

[webapps] – dotCMS 3.2.4 – Multiple Vulnerabilities

[webapps] – OpenMRS 2.3 (1.11.4) – XML External Entity (XXE) Processing Exploit

[webapps] – PHP Utility Belt – Remote Code Execution

[webapps] – OpenMRS 2.3 (1.11.4) – Multiple Cross-Site Scripting Vulnerabilities

[webapps] – WordPress Polls Widget Plugin 1.0.7 – SQL Injection Vulnerability

[remote] – phpFileManager 0.9.8 Remote Code Execution

[local] – iniNet SpiderControl SCADA Web Server Service 2.02 – Insecure File Permissions

[webapps] – OpenMRS 2.3 (1.11.4) – Expression Language Injection Vulnerability

[local] – iniNet SpiderControl PLC Editor Simatic 6.30.04 – Insecure File Permissions

[remote] – Atlassian HipChat for Jira Plugin Velocity Template Injection