>> CATEGORY: exploit

VX Search version 10.6.18 suffers from a local buffer overflow vulnerability.

MySQL Squid Access Report version 2.1.4 suffers from cross site scripting and remote SQL injection vulnerabilities.

Rvsitebuilder CMS suffers from a backup disclosure vulnerability.

Match Clone Script version 1.0.4 suffers from a cross site scripting vulnerability.

Geist WatchDog Console version 3.2.2 suffers from cross site scripting, XML external entity injection, and insecure file permission vulnerabilities.

Joomla JS Jobs component version 1.2.0 suffers from a cross site request forgery vulnerability.

Facebook Graph groups crosswalk user’s metadata mapping weakness demo proof of concept script.

WordPress Caldera Forms plugin version 1.5.9.1 suffers from a cross site scripting vulnerability.

Lutron Quantum versions 2.0 through 3.2.243 suffer from an information disclosure vulnerability.

Digital Guardian Management Console version 7.1.2.0015 suffer from a server-side request forgery vulnerability.