>> CATEGORY: exploit

Ersoft CMS version 1.0 suffers from a remote SQL injection vulnerability.

WordPress Ultimate Member plugin version 1.3.64 suffers from a local file inclusion vulnerability.

Joomla Threate component version 1.1.4 suffers from a remote SQL injection vulnerability.

Joomla Branch component version 3.0 suffers from a remote SQL injection vulnerability.

The Realm / Dashgum Software CMS version 1.0.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Joomla XMap component version 2.3.4 suffers from a remote SQL injection vulnerability.

LearnVest suffers from a persistent cross site scripting vulnerability. The author has emailed the vendor repeatedly with no response.

MoneyTrackin suffers from multiple cross site scripting vulnerabilities. The author has emailed the vendor repeatedly with no response.

Joomla Forms component version 1.3.1 suffers from a remote SQL injection vulnerability.

The Joomla Services component suffers from a remote SQL injection vulnerability.