Office Document Reader 5.1.13 XSS / CSRF
Posted by deepcore under exploit (No Respond)
Office Document Reader version 5.1.13 suffers from cross site request forgery and cross site scripting vulnerabilities.
Archive for January, 2016
PHPIPAM 1.1.010 CSRF / XSS / SQL Injection
Posted by deepcore under exploit (No Respond)
PHPIPAM version 1.1.010 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
BulletProof Security .52.4 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
BulletProof Security version .52.4 suffers from a cross site scripting vulnerability.
Atlassian Confluence XSS / Insecure Direct Object Reference
Posted by deepcore under exploit (No Respond)
Atlassian Confluence suffers from cross site scripting and insecure direct object reference vulnerabilities. The cross site scripting affects versions 5.2, 5.8.14, and 5.8.15. The reference vulnerability affects versions 5.9.1, 5.8.14, and 5.8.15.
Ganeti Denial Of Service / Information Disclosure
Posted by deepcore under exploit (No Respond)
Ganeti suffers from unauthenticated information disclosure and denial of service vulnerabilities.
[webapps] – MediaAccess TG788vn – Unauthenticated File Disclosure
Posted by deepcore under Security (No Respond)
[webapps] – Open Audit SQL Injection Vulnerability
Posted by deepcore under Security (No Respond)
AVG WebTuneUp Cross Site Scripting
Posted by deepcore under exploit (No Respond)
AVG’s WebTuneUp subdomain suffers from a cross site scripting vulnerability.
Easy News Pro 1.5 Bypass / SQL Injection / File Upload
Posted by deepcore under exploit (No Respond)
Easy News Pro version 1.5 suffers from bypass, arbitrary file upload, and remote SQL injection vulnerabilities.
[webapps] – Online Airline Booking System – Multiple Vulnerabilities
Posted by deepcore under Security (No Respond)