Archive for November, 2021

[webapps] Simple Client Management System 1.0 – 'multiple' Stored Cross-Site Scripting (XSS)

Posted by deepcore under Security (No Respond)

Simple Client Management System 1.0 – ‘multiple’ Stored Cross-Site Scripting (XSS)

[webapps] Kmaleon 1.1.0.205 – 'tipocomb' SQL Injection (Authenticated)

Posted by deepcore under Security (No Respond)

Kmaleon 1.1.0.205 – ‘tipocomb’ SQL Injection (Authenticated)

Khamenei.ir SQL Injection

Posted by deepcore under exploit (No Respond)

Khamenei.ir suffers from a remote SQL injection vulnerability.

Backdoor.Win32.Optix.03.b Code Execution

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Optix.03.b malware suffers from a code execution vulnerability.

10-Strike Network Inventory Explorer Pro 9.31 Unquoted Service Path

Posted by deepcore under exploit (No Respond)

10-Strike Network Inventory Explorer Pro version 9.31 suffers from an unquoted service path vulnerability.

Pentaho Business Analytics / Pentaho Business Server 9.1 Remote Code Execution

Posted by deepcore under exploit (No Respond)

Pentaho allows users to create and run Pentaho Report Bundles (.prpt). Users can create PRPT reports by utilizing the Pentaho Designer application and can include BeanShell Script functions to ease the production of complex reports. However, the BeanShell Script functions can allow for the execution of arbitrary Java code when Pentaho PRPT Reports are run […]

Payment Terminal 2.x / 3.x Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Payment Terminal versions 2.x and 3.x suffer from multiple cross site scripting vulnerabilities.

Pentaho Business Analytics / Pentaho Business Server 9.1 Filename Bypass

Posted by deepcore under exploit (No Respond)

Pentaho allows users to upload various files of different file types. The upload service is implemented under the /pentaho/UploadService endpoint. The file types allowed by the application are csv, dat, txt, tar, zip, tgz, gz, gzip. When uploading a file with an extension other than the allowed file types, the application responds with the error […]

Backdoor.Win32.Ncx.b Buffer Overflow

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Ncx.b malware suffers from a buffer overflow vulnerability.

PHP Event Calendar Lite Edition SQL Injection

Posted by deepcore under exploit (No Respond)

PHP Event Calendar Lite Edition suffers from a remote SQL injection vulnerability that allows for authentication bypass.