FortiManager and FortiAnalyzer version 5.x suffer from a client-side malicious script insertion vulnerability.
>> CATEGORY: exploit
Techsoft Web Solutions CMS version 2016 Q2 suffers from a remote SQL injection vulnerability.
BugCrowd’s file upload allows for CSVs that may have malicious formulas in them.
Multiple reflected cross site scripting issues were discovered in Cyberoam NG appliances. Input passed via the ‘ipFamily’, ‘applicationname’ and ‘username’ GET parameters to LiveConnections.jsp and LiveConnectionDetail.jsp is not properly sanitized…
Pulse version 0.7.0 Final suffers from cross site request forgery and cross site scripting vulnerabilities.
MeshCMS version 3.6 suffers from a remote command execution vulnerability.
Quanta LTE routers suffer from backdoor accounts, remote code execution, weak WPS functionality, arbitrary file reading, and a ridiculous amount of other vulnerabilities.
Hexchat IRC client version 2.11.0 suffers from a stack buffer overflow vulnerability.
Hexchat IRC client version 2.11.0 suffers from a directory traversal vulnerability.
DotCMS version 3.3 suffers from a remote SQL injection vulnerability.