qdPM 9.1 – ‘search[keywords]’ Cross-Site Scripting
>> ARCHIVE: 2019-02
qdPM 9.1 – ‘search[keywords]’ Cross-Site Scripting
MyBB Trash Bin plugin version 1.1.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
Jinja2 version 2.10 suffers from a command injection vulnerability.
Find a Place CMS Directory version 1.5 suffers from a remote SQL injection vulnerability.
WeHelp version 1.6 suffers from a cross site scripting vulnerability.
JobFinder suffers from a cross site scripting vulnerability.
ZuzMusic version 2.1 suffers from a persistent cross site scripting vulnerability.
Listing Hub CMS version 1.0 suffers from a remote SQL injection vulnerability in pages.php.
KVM suffers from an uninitialized memory leak vulnerability in kvm_inject_page_fault.
KVM suffers from a use-after-free vulnerability after using the emulated VMX preemption timer.