>> CATEGORY: exploit

w2wiki suffers from multiple cross site scripting vulnerabilities.

Ultrabenosaurus ChatBoard suffers from a cross site request forgery vulnerability.

BookingWizz versions prior to 5.5 suffer from having default administrative credentials, local file inclusion, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

Joomla En-Masse component versions 5.1 through 6.4 suffer from a remote SQL injection vulnerability.

Dell OpenManager Server Administrator version 8.3 XML external entity exploit.

Grid Gallery version 1.0 suffers from an authentication bypass vulnerability.

FRticket Ticket System version 1 suffers from a cross site scripting vulnerability.

Riot Games League of Legends suffers from an insecure file permissions privilege escalation vulnerability.

Easy RM to MP3 Converter version 2.7.3.700 .m3u exploit with universal DEP + ASLR bypass.