Joomla Huge IT Gallery component version 1.1.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
The Joomla Weblinks component suffers from a remote shell upload vulnerability.
Autobahn|Python incorrectly checks the Origin header when the ‘allowedOrigins’ value is set. This can allow third parties to execute legitimate requests for WAMP WebSocket requests against an Autobahn|Python/Crossbar.io server within…
CodoForum version 3.2.1 suffers from a remote SQL injection vulnerability.
Multiple Micro Focus Filr appliances suffer from cross site request forgery, cross site scripting, command injection, insecure design, missing cookie flag, authentication bypass, poor permission, and path traversal vulnerabilities.
PHP File Vault version 0.9 suffers from directory traversal and file reading vulnerabilities.
WordPress Code Snippets plugin version 2.6.1 suffers from a cross site scripting vulnerability.
WordPress Contact Form to Email plugin version 1.1.47 suffers from a cross site scripting vulnerability.
Bellini/Supercook Wi-Fi Yumi SC200 suffers from code execution, weak default password, and information disclosure vulnerabilities.
Joomla Showdown component version 1.5.0 suffers from a remote SQL injection vulnerability.