TestLink version 1.9.14 suffers from a persistent cross site scripting vulnerability.
>> CATEGORY: exploit
Google AdWords API PHP client library versions 6.2.0 and below suffer from an XML eXternal Entity injection vulnerability.
This Metasploit module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows you to upload arbitrary php files and get remote code execution. This…
OpenCart version 2.0.3.1 suffers from a cross site request forgery vulnerability.
MyWebSQL version 3.6 suffers from a cross site request forgery vulnerability.
MiniBB version 3.1.1 suffers from a cross site scripting vulnerability.
The Vulnerability Laboratory Research Team discovered an application-side file input validation web vulnerability in the official Magento Commerce (Bug Tracking) web-application.
WordPress plugin Neuvoo-Jobroll version 2.0 suffers from a reflective cross site scripting vulnerability.
Various Ubiquiti Networks products suffer from having hardcoded keys and also having remote management interfaces enabled that can be leveraged by these credentials.
Cryptocat versions prior to 2.0.22 are vulnerability to a script injection vulnerability.