WordPress WP Ultimate Exporter plugin version 1.0 suffers from a cross site scripting vulnerability.
>> CATEGORY: exploit
WordPress Import Woocommerce plugin version 1.0.1 suffers from a cross site scripting vulnerability.
RozBlog Weblog Service suffers from cross site request forgery and cross site scripting vulnerabilities.
Compass Security discovered a web application security flaw in the OpenAM application which allows an attacker to launch phishing attacks against users by redirecting them to a malicious website. An…
WordPress Calculated Fields Form plugin versions 1.0.x and below suffer from Http_only bypass and session hijacking vulnerabilities.
In certain kernel versions it is possible to use the AIO subsystem (io_submit syscall) to pass size values larger than MAX_RW_COUNT to the networking subsystem’s sendmsg implementation. In the L2TP…
A crash can occurs due to a heap-based buffer overflow in the ASAN build of Wireshark (current git master), by feeding a malformed file to tshark.
Ubiquiti Networks UniFi version 3.2.10 suffers from a cross site request forgery vulnerability.
ManageEngine Firewall Analyzer version 8.5 SP-5.0 suffers from multiple cross site scripting vulnerabilities.
GTA Firewall GB-OS version 6.2.02 suffers from a local malicious script insertion vulnerability.