Email address | private |
---|---|
Website | websecurity.com.ua |
First Active | 2007-07-07 |
Last Active | 2019-07-08 |
flv-player versions 3.5 and below suffer from cross site scripting and content spoofing vulnerabilities.
94fb74e35910da2fab16b7f9e805bd7b138ff19e20118c8c37830e0c8c1d9485
WordPress RokMicroNews plugin versions 1.5 and below suffer from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.
ea1a5a7a7041572f9f1666622d7a30d7aaf1299bc892596fc238dd0d0c44d675
WordPress RokIntroScroller plugin versions 1.8 and below suffer from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.
51756b3d26e947a4e3e7bee9dc5b4b36ee6fcc6a1dfe1823c1e33467cf47748e
InstantCMS version 1.10.2 suffers from a cross site scripting vulnerability via the REFERER header.
50e944f02d693a35f1cdad99e4fdd57772e1f3072510b21174aef2ff55dbdeb1
WordPress RokNewsPager plugin version 1.17 suffers from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.
9478525d347154fcda7328dbe60c6bfeb918b3150874fd1c635d27e94addacfd
WordPress RokStories plugin version 1.25 suffers from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.
0863ac73a48a29232f7f2d7ff9dc54aba5a9f353c60aa43ba69632c79ba9f148
Uploadify version 2.1.4 suffers from cross site scripting, arbitrary file deletion, and arbitrary file upload vulnerabilities.
918baa1c8fe8fe39eaf0e9e6e7cb98daa4c7e1731d544f54af20ff4dd8536e5d
DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
10d41aad71b7f29eaadbb288245f66fdd4a7a1d2f851b7485693f878deb86361
Act conference software suffers from having insufficient authorization checks in place.
34e9685a7a305ec6123443bfa385f5a6a6393521cf135c27c8ec1f47f86ed338
Soltech.CMS version 0.4 suffers from cross site scripting and content-spoofing vulnerabilities.
3a2128ffc8465d8e9ab1437eee66ccd0120c1ab286e6b4e9656695dcdae0c80b
GDD FLVPlayer version 3.635 suffers from cross site scripting and content spoofing vulnerabilities.
44f7dd1212681cf231fd4da478749b23c764aaaf54bf4e11341f3f140cfc4311
Avaya IP Office Customer Call Reporter version 8.0.9.13 allows for third party html injection that can lead to cross site scripting.
941dfcae32d82622541f93757b28d47d3dbfcc316809e02f533d9590492b6f78
Moxiecode Image Manager version 3.1.5 suffers from cross site scripting, content spoofing, and path disclosure vulnerabilities.
a9e54499e68755d73ba75172dca267dc5981d84e3d9c9cd53376f9acc8ad28fb
Soltech CMS version 0.4 suffers from a remote SQL injection vulnerability.
c456e6512195b6a7b73173fbd126978ba516f9a26da09e2b8db06a723582941d
This is a supplement to the SA-20130719-0 SEC Consult advisory that notes an additional attack vector for an XXE injection vulnerability in Sybase EAServer.
3cbd8730ac23a8caf0246048e716bcb96d05f72f025815f74e98ae2ed65f3b29
WPtouch and WPtouch Pro suffer from cross site scripting and path disclosure vulnerabilities.
2a5e82f7f7cd341b3baea6152863318137ec435431e8e23abe78edf1be2a1d1d
DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
a1614a6f14bb9e9c5ef22b488b156cfbb4b88c0698998d71453118c95f46e904
Joomla Googlemaps plugin version 3.2 suffers from cross site scripting and denial of service vulnerabilities.
d2ba9c614111d4d02b0e070dcc14bca5220f56187e1021e317c465c625078204
DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
87730ed90b89d93ac706e6dca7ffb508b64659fbefaf41acab470380cc9e5987
TinyMCE Image Manager versions 1.1 and below suffer cross site scripting and remote shell upload vulnerabilities.
c4c3c25bb2e20196080641e3f82f29017c3102e1dca37abdab1c4328a6da5895
The Joomla Googlemaps plugin suffers from cross site scripting, path disclosure, denial of service, and XML injection vulnerabilities.
165dc70f4d8846397f4d21ce1f9794a33e98cb8d13ea08baf7996288d00ca669
TinyMCE Image Manager versions 1.1 and below suffer from a cross site scripting and content spoofing vulnerabilities.
e55aa3aa8b2c3f02ed3a4e8d382c5d7f6b8a8782e1f5c69b053233d74a800737
DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
5afe9bc74e4908a316df00183a39a9d6eb436d2a53e45c241750e2cbdc3b77ee
The WordPress I Love It theme suffers from cross site scripting, content spoofing, and path disclosure vulnerabilities.
781da1e7aeb3a72439cf3b06e380d6b86f400e90a518a7210062bb2d8bee4e9b
The WordPress Search N Save plugin suffers from cross site scripting and path disclosure vulnerabilities.
27be47f29fed9d58e63bf72528e3a02636bdb8d109dc731254eb8126a836e678