The Vulnerability Laboratory Core Research Team discovered a non-persistent web validation vulnerability in the official Fortinet FortiManager & FortiAnalyzer appliance product series.
Joomla Catfiltering component version 1.5.4 suffers from a remote SQL injection vulnerability.
NCH WavePad version 6.4.8 suffers from a DLL hijacking vulnerability.
Ultrabenosaurus ChatBoard suffers from a stored cross site scripting vulnerability.
The fix applied for CVE-2014-1520 does not fix a DLL hijacking issue with Mozilla Firefox’s executable installer.
Hyperoptic (Tilgin) routers versions HG2330, HG2302, and HG2301 suffer from cross site request forgery and cross site scripting vulnerabilities.
NerdyZine version 2.0 suffers from a remote SQL injection vulnerability.
WordPress Social Stream plugin version 1.5.15 wp_options overwrite exploit.
nGrinder version 3.3 suffers from a stored cross site scripting vulnerability.
Oracle’s orakill.exe binary version 11.2.0 suffers from a buffer overflow vulnerability.