[Forgot Password]
Login  Register Subscribe

25354

 
 

132805

 
 

139264

 
 

909

 
 

113180

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 19548 Download | Alert*

IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page.

IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service.

IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie.

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows XSS.

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF.

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices mishandle session validation, leading to unauthenticated creation, modification, or elimination of users.

LiteCart through 2.2.1 allows CSV injection via a customer's profile.

LiteCart through 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user.

meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote attackers to achieve code execution or denial of service by creating a gaming server with a crafted map, and inviting a victim to this server. A GetValue call is mishandled.

OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   1954

© SecPod Technologies