Google Allo suffers from a denial of service vulnerability.
3a200cdec9078f15d49a2370f6fdbfe05a30a0b2ea3438a29940983025506470
BiP Messenger suffers from a denial of service vulnerability.
89cae9b8bd0155540d7eb5b47a45252724678bdf6ca15e07da455bd741120544
Huawei HG658 V2 suffers from a cross site scripting vulnerability.
19a19c0935b736aec0f1f1fc52254da55f11c3423d110f9ef065e5e3a06a1f48
Joomla Fsave component version 2.0 suffers from a local file disclosure vulnerability.
df655568b820679e73add599495000f3078883f4e6eb30ca6bbf28621d8e398e
WordPress Extredj plugin suffers from an open redirection vulnerability.
15595b2373ac15d55bf51737dbc7d7ee9227d6c5b08e77e62d0bbe2bde8c3ddc
Joomla Shape 5 MP3 Player version 2.0 suffers from a local file disclosure vulnerability.
9fc4f80c339f4969c4baad3e0bf59da9dd64faf7366bdfec4b599baaca7a767a
Gokhan Balbal version 2.0 suffers from a cross site request forgery vulnerability.
fa2529c6f694bbe9e957fc6932cfd9ad9c0cc8b4544e9a9c73de2eb7f672761e
Traffic CMS version 1.4.x suffers from a local file inclusion vulnerability.
624c98b778717d19759cfb903dc4a9bfd8c1114710a9bd101578150c371516af
Kaboozu CMS suffers from a remote shell upload vulnerability.
921cf556d06fbd1fafb21a2ca7e9bd50488762ff34afb615de39cc8e5c781207
Vifi Radio version 1 suffers from a cross site request forgery vulnerability. Exploit to add administrator included.
11d68726482c4931dd8bc7f9412e5b40a7a7002254633c42a4116b2ca2be56fb
Vifi Radio version 1 suffers from a cross site request forgery vulnerability. Exploit to upload a shell included.
6e4d34f2dea11cbb4c459268cca16e9324f4452dfcc3d0ee46d37ee3d7f0c2d1
Sites designed by MediaSuite.ca appear to suffer from a file disclosure vulnerability. Note that this finding houses site-specific data.
d1c2b8dfa6337ed1c63d44afd525ee484513b4d9af978679cddb553a633fcd34
Unasjee CMS suffers from multiple cross site request forgery vulnerabilities.
9b4101394e2daa2f90d83d866085ad33416c24d0ffa44d634c30bdae9c251e17
Airties Air5650TT Modem suffers from a cross site scripting vulnerability.
ab7c0ffdb194773ff18441ad3a3019c3de12206e027fdcf0f1d2ad8536e5cada
HostingTakip version 3.0 suffers from a persistent cross site scripting vulnerability.
e84df106491146ae09a5324d7fd4008af8c5914b682af96382f69c5222426db0
AMSI version 3.20.47 build 37 suffers from a remote file disclosure vulnerability.
f69ebc7b1974f5a8b8e971bbe32b26e3c1df8cf063404748a6b26e1efc807e87
This is a brief write up noting javascript backdoors left in common PHP shells.
5cfb1217e9087a15de79d56e9f05827f2a275f0a080cf8427518a3cba732ef2f
Scarlet Daisy Web CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
d6b8a12437d0210b5129116dbb62cac83a2528fa625ec889888d0ffb37d18192
WordPress Sexy Squeeze Pages plugin suffers from a cross site scripting vulnerability.
8793ad38d9dfbe4490552ccd9b80858ec761b30f9e6cba3c99073dba85c6703d
WordPress Html5 Mp3 Player with Playlist plugin suffers from a path disclosure vulnerability.
a395f8e1632fe09c9796015a953289ca7779ef8883cfb4207f74d122ee0bf176
Videos Tube version 2.0 suffers from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.
022d204ee27c8050738ee7d9a9d5d427c9fe2dac73f6d6df2913a10958c816ba
Food Order Portal version 8.3 suffers from a cross site request forgery vulnerability. Note that this finding houses site-specific data.
1ea1544a5ebc5aaffe39261af2fcca694eb003fcf7092e12495bbea16b10c3d5
Travel Portal II version 6.0 suffers from a cross site request forgery vulnerability.
62a86dc8112532213efcb4069d4e0905784a3f5239b1a32bb2fa868ea3dd6b04
Airties Air6372SO modem web interface suffers from a cross site scripting vulnerability.
357e487a72b1b83c1f56a9ebab4312db1bee5c4bc581cc35b93289e73b431a01
Sniggabo CMS version 3.17 suffers from a cross site scripting vulnerability.
d08eaf053576dff5b89e2f5b00c8c530a7e66a236f16ff7712d6a017779f47f8