CIMA DocuClass ECM suffers from cross site request forgery, cross site scripting, direct object reference, and remote SQL injection vulnerabilities.
>> CATEGORY: exploit
No abstract description available.
Usually processes writing to temporary directories do not need to perform readdir() because they control the filenames they create, so setting /tmp/, /var/tmp/, etc. to be mode 1733…
PuTTY version Beta 0.67 suffers from a DLL hijacking vulnerability.
WebCalendar version 1.2.7 attempts to use the HTTP Referer to check that requests originate from the same server. However, this can be easily defeated by just not sending a referer.
eCardMAX version 10.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
KWSPHP CMS version 1.6.995 suffers from a persistent cross site scripting vulnerability.
WebCalendar version 1.2.7 suffers from a PHP code injection vulnerability.