SQL Injection exists in the Project Log 1.5.3 component for Joomla! via the search parameter. Date published : 2018-02-18 https://www.exploit-db.com/exploits/44124/ http://packetstormsecurity.com/files/146454/Joomla-Project-Log-1.5.3-SQL-Injection.html
An issue was discovered in iDashboards 9.6b. The SSO implementation is affected by a weak obfuscation library, allowing man-in-the-middle attackers to discover credentials. Date published : 2018-02-17 https://membership.backbox.org/idashboards-9-6b-multiple-vulnerabilities/
An issue was discovered in iDashboards 9.6b. It allows remote attackers to obtain sensitive information via a direct request for the idb/config?CMD=installLicense URI, as demonstrated by intranet IP addresses and names of guest accounts....
An issue was discovered in iDashboards 9.6b. It allows remote attackers to obtain sensitive information via a direct request for the idashboards/config.xml URI, as demonstrated by intranet URLs for reports. Date published : 2018-02-17...
In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial...
An issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 and 0.7.x before 0.7.3. When using JupyterHub with GitLab group whitelisting for access control, group membership was not checked correctly, allowing members...
October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page. Date published : 2018-02-17 https://www.exploit-db.com/exploits/44144/ http://securitywarrior9.blogspot.com/2018/02/html-injection-october-cms.html
An issue was discovered in Pluck through 4.7.4. A stored cross-site scripting (XSS) vulnerability allows remote unauthenticated users to inject arbitrary web script or HTML into admin/blog Reaction Comments via a crafted URL. Date...
SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! via the publicid parameter. Date published : 2018-02-17 https://www.exploit-db.com/exploits/44133
SQL Injection exists in the SquadManagement 1.0.3 component for Joomla! via the id parameter. Date published : 2018-02-17 https://www.exploit-db.com/exploits/44135
SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! via the publicid parameter. Date published : 2018-02-17 https://www.exploit-db.com/exploits/44136
SQL Injection exists in the Saxum Numerology 3.0.4 component for Joomla! via the publicid parameter. Date published : 2018-02-17 https://www.exploit-db.com/exploits/44134
SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filter_creator or filter_events_cat parameter. Date published : 2018-02-17 https://exploit-db.com/exploits/44121
SQL Injection exists in the DT Register 3.2.7 component for Joomla! via a task=edit&id= request. Date published : 2018-02-17 https://exploit-db.com/exploits/44108