>> CATEGORY: exploit

Systematic SitAware suffers from a denial of service vulnerability.

MiniCMS version 1.10 suffers from a cross site request forgery vulnerability.

osCommerce version 2.3.4.1 suffers from a code execution vulnerability.

Joomla Acymailing Starter component version 5.9.5 suffers from a CSV macro injection vulnerability.

WordPress Contact Form 7 to Database Extension plugin version 2.10.32 suffers from a CSV injection vulnerability.

Nginx version 1.3.10 may suffer from a line feed injection issue in its Accept-Encoding header.

Frog CMS version 0.9.5 suffers from a cross site request forgery vulnerability.

Homematic CCU2 version 2.29.23 suffers from an arbitrary file write vulnerability.

The DNNarticle module in DotNetNuke version 11 suffers from a directory traversal vulnerability.

VideoFlow Digital Video Protection DVP 10 version 2.10 suffers from an authenticated arbitrary file disclosure vulnerability including no session expiration. Input passed via the ‘ID’ parameter in several Perl scripts…