Cisco Identity Services Engine (ISE) version 2.4.0 suffers from cross site scripting, java deserialization, and in conjunction can lead to remote code execution. Full exploit provided.
>> CATEGORY: exploit
OSCI-Transport Library 1.2 for German e-Government versions 1.8.1 and below suffer from an insecure cryptographic implementation and signature bypass vulnerabilities.
WordPress Forminator plugin version 1.5.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
WordPress Quiz and Survey Master plugin version 6.0.4 suffers from a cross site scripting vulnerability.
WordPress Blog2Social plugin version 5.0.2 suffers from a cross site scripting vulnerability.
Device Monitoring Studio version 8.10.00.8925 denial of service proof of concept exploit.
WordPress Contact Form Email plugin version 1.2.65 suffers from cross site request forgery and cross site scripting vulnerabilities.
River Past Audio Converter version 7.7.16 denial of service proof of concept exploit.
WordPress Font Organizer plugin version 2.1.1 suffers from a cross site scripting vulnerability.
Zyxel VMG3312-B10B DSL-491HNU-B1 V2 suffers from a cross site request forgery vulnerability.