>> CATEGORY: exploit

PHPBack version 1.1 suffers from a cross site scripting vulnerability.

Ovidentia absences module version 2.64 suffers from a remote file inclusion vulnerability.

XRace Pro version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Article Script version 1.00 suffers from a remote SQL injection vulnerability.

Ovidentia bulletindoc module version 2.9 suffers from multiple remote file inclusion vulnerabilities.

Joomla! MyDynGallery component remote SQL injection exploit that leverages a vulnerability found back in 2008.

Polycom VVX-Series business media phones suffer from a path traversal vulnerability.

If the numFonts field in the TTC header is greater than (SIZE_MAX+1) / 4, an integer overflow occurs in filevirus_ttf() when calling CSafeGenFile::SafeLockBuffer.

If IExternalizable.readExternal is overridden with a value that is not a function, Flash assumes it is a function even though it is not one. This leads to execution of a…

There is a type confusion issue during serialization if ObjectEncoder.dynamicPropertyWriter is overridden with a value that is not a function.