An independent vulnerability laboratory researcher discovered multiple client-side cross site request forgery vulnerabilities in the official Docker UI web-application.
>> CATEGORY: exploit
An independent vulnerability laboratory researcher discovered multiple client-side cross site request forgery vulnerabilities in the official Docker UI web-application.
WAP Music CMS version 1.0.2 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
SM Soft Tech CMS XHTML Mobile version 1.0 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
WordPress Photocart Link plugin version 1.6 suffers from a local file inclusion vulnerability.
WordPress IMDb Profile Widget plugin version 1.0.8 suffers from a local file inclusion vulnerability.
WordPress Visual Form Builder plugin version 2.8.6 suffers from a cross site scripting vulnerability.
WordPress Music Store plugin version 1.0.41 suffers from a cross site scripting vulnerability.
WordPress CloudFlare plugin version 1.3.20 suffers from a cross site scripting vulnerability.
WordPress Claptastic Clap! Button plugin version 1.3 suffers from a cross site scripting vulnerability.