>> ARCHIVE: 2017-05

WordPress FancyProductDesigner plugin versions prior to 3.4.2 suffer from a persistent cross site scripting vulnerability due to improper sanitization, allowing malicious .svg file uploads.

CMS Made Simple Babel Module versions prior to 0.3.3 suffer from multiple open redirection and content forgery vulnerabilities.

TemplateMonster osCommerce prior to version 2.3x suffers from an error-based SQL injection vulnerability.

…

The vulnerability laboratory core research team discovered an privilege escalation vulnerability in the official Hola VP…

The independent security researcher discovered sql-injection vulnerability in the official Stanford University MBC onli…

An independent vulnerability laboratory partner team discovered a sql-injection vulnerability in the official Joomla CMS…

The vulnerability laboratory core research team discovered an insecure file permission privilege escalation vulnerabilit…

Emby MediaServer version 3.2.5 suffers from a blind SQL injection vulnerability. Input passed via the GET parameter ‘MediaTypes’ is not properly sanitized before being returned to the user or used…