WordPress Peter’s Login Redirect plugin version 2.9.0 suffers from cross site scripting and cross site request forgery vulnerabilities.
>> CATEGORY: exploit
WordPress Photo Gallery by Supsystic plugin version 1.8.5 suffers from a stored cross site scripting vulnerability.
Taser Axon Dock version 3.1 suffers from authentication bypass vulnerabilities.
Stash CMS version 1.0.3 suffers from a remote SQL injection vulnerability.
Samsung Smart Home Camera SNH-P-6410 command injection exploit that sets a new root password.
WSO2 Carbon version 4.4.5 suffers from a local file inclusion vulnerability.
WSO2 Identity Server version 5.1.0 suffers from cross site request forgery and XML external-entity injection vulnerabilities.
Nagios Incident Manager versions 2.0.0 and below suffer from code execution, cross site scripting, and remote SQL injection vulnerabilities.
Nagios Network Analyzer versions 2.2.0 and below suffer from authentication bypass, arbitrary code execution, and remote SQL injection vulnerabilities.
Nagios Log Server versions 1.4.1 and below suffer from authentication bypass, privilege escalation, cross site scripting, and inconsistent control vulnerabilities.