The latest Nextcloud 10.0.1 release in OwnCloud appears to be missing multiple patches for cross site scripting and more.
>> ARCHIVE: 2016-11
A specially crafted script can cause the VBScript engine to access data before initializing it. An attacker that is able to run such a script in any application that embeds…
Arube Networks AOS version 6.3.1.19 has a special key combination that escalates privileges.
Piwik version 2.16.0 and below suffer from a saveLayout PHP object injection vulnerability.
NodCMS suffers from a cross site request forgery vulnerability.
Ultra Light Blog suffers from a remote SQL injection vulnerability that allows for authentication bypass.
NodCMS suffers from a cross site scripting vulnerability.
NodCMS suffers from a code execution vulnerability by leveraging a cross site request forgery vulnerability.
Faraznet CMS version 4.x suffers from a cross site scripting vulnerability.
Verint Impact 360 version 11.1 suffers from a cross site scripting vulnerability.