Collectd-Web version 0.4.0 suffers from a cross site scripting vulnerability.
>> CATEGORY: exploit
Collectd-Web version 0.4.0 suffers from a cross site scripting vulnerability.
Postfix Admin version 2.93 suffers from a cross site request forgery vulnerability.
Tuninfoforyou versions 2 and 2.5 appear to have a backdoor account of admin/admin.
VirIT Explorer versions Lite 8.1.68 and Pro 8.1.68 suffers from a local privilege escalation vulnerability.
WordPress Brafton plugin version 3.3.0 suffers from a cross site scripting vulnerability.
SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a remote SQL injection vulnerability.
SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an information disclosure vulnerability.
TYPO3 versions 6.2.19 and below and 7.6.4 and below suffer from a cross site scripting filter bypass vulnerability.
LG NAS N1A1 version 10119 suffers from insecure direct object reference, SQL injection, directory traversal, arbitrary file upload/download, and sensitive information disclosure vulnerabilities. Full proof of concept exploit included.
4digits version 1.1.4 suffers from a local buffer overflow that allows for privilege escalation providing the binary is either setuid or setgid.