sysPass versions 1.1.2.23 and below suffer from a cross site scripting vulnerability.
>> CATEGORY: exploit
PHP Utility Belt suffers from a remote code execution vulnerability.
JRSoft InnoSetup executable installers suffer from a DLL hijacking vulnerability.
It is possible for an attacker to execute a DLL planting attack in Microsoft Office with a specially crafted OLE object. Testing was performed on a Windows 7 x64 virtual…
dotCMS version 3.2.4 suffers from cross site request forgery, cross site scripting, and open redirection vulnerabilities.
ASP Dynamika version 2.5 suffers from a cross site scripting vulnerability.
Property Castle version 15 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
Circutor PowerStudio SCADA version 4.0.5 suffers from an unquoted search path issue impacting the services ‘CircutorPowerStudioScadaServer’ and ‘CircutorPowerStudioServer’ for Windows deployed as part of PowerStudio Series. This could potentially allow…
Docebo LMS version 4.0.3 suffers from a cross site scripting vulnerability.
DMarket version 1.0 suffers from a remote PHP code injection vulnerability.