WordPress Booking Calendar plugin version 6.2.1 suffers from a cross site request forgery vulnerability.
>> CATEGORY: exploit
WordPress Insert PHP plugin version 1.3 suffers from an arbitrary PHP code execution vulnerability.
WordPress Booking Calendar plugin version 6.2 suffers from a remote SQL injection vulnerability.
WordPress Contact Bank plugin version 2.1.21 suffers from a cross site scripting vulnerability.
Huawei eSpace IAD suffers from an information disclosure vulnerability.
WordPress All-In-On Security and Firewall plugin version 4.1.2 suffers from multiple CAPTCHA bypass vulnerabilities.
Joomla BreezingForms component version 1.8.x suffers from a remote shell upload vulnerability.
WinSaber suffers from an unquoted service path privilege escalation vulnerability.
VUPlayer version 2.49 .pls file stack buffer overflow exploit with DEP bypass.
Guppy CMS version 5.01.03 suffers from a client-side cross site scripting vulnerability.