>> CATEGORY: exploit

Atutor version 2.2 suffers from a cross site scripting vulnerability.

Equibase.com suffers from an html injection vulnerability that may allow for cross site scripting.

Mezzanine version 4.1.0 suffers from an arbitrary file upload vulnerability.

Mezzanine version 4.1.0 suffers from a cross site scripting vulnerability.

MailPoet Newsletters version 2.6.19 suffers from a cross site scripting vulnerability.

Opendocman version 1.3.4 suffers from a cross site request forgery vulnerability.

Opendocman version 1.3.4 suffers from an html injection vulnerability.

D-Link DVG-N5402SP suffers from path traversal, weak credential management, and information leakage vulnerabilities.

Timeclock version 0.995 suffers from a remote SQL injection vulnerability.

GE Industrial Solutions UPS SNMP adapter suffers from command injection and clear-text storage of sensitive information.