Winhex Editor versions 18.7 and below suffer from a dll hijacking vulnerability.
>> CATEGORY: exploit
iScripts EasyCreate version 3.0 remote code execution exploit.
iScripts EasyCreate version 3.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
ProjetSend version r582 suffers from authentication bypass, remote SQL injection, insecure direct object reference, and directory traversal / arbitrary file read vulnerabilities.
The Vulnerability Laboratory Core Research Team discovered a client-side cross site scripting web vulnerability in official Netlife Photosuite Pro, manufactured by Netlife AS.
los818 CMS 2016 Q1 suffers from a remote SQL injection vulnerability.
VLC Media Player version 2.2.1 suffers from a heap memory corruption vulnerability when handling malformed mp4 files.
Trend Micro Direct Pass suffers from filter bypass and cross site scripting vulnerabilities.
WordPress Appointment Booking Calendar plugin versions 1.1.24 and below suffer from privilege escalation and cross site scripting vulnerabilities.
Telegram (API) suffers from a cross site request forgery vulnerability.