A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification. Date published : 2018-09-27 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03887en_us
A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30. Date published : 2018-09-27...
IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the "include" key in the "_config.yml" file. Date published : 2018-09-27 https://github.com/jekyll/jekyll/pull/7224 https://jekyllrb.com/news/2018/09/19/security-fixes-for-3-6-3-7-3-8/
SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for Joomla! via the letter parameter. Date published : 2018-09-27 https://www.exploit-db.com/exploits/45476/ http://packetstormsecurity.com/files/149532/Joomla-AlphaIndex-Dictionaries-1.0-SQL-Injection.html
SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter. Date published : 2018-09-27 https://www.exploit-db.com/exploits/45478/ http://packetstormsecurity.com/files/149534/Joomla-Timetable-Schedule-3.6.8-SQL-Injection.html
SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via the author parameter. Date published : 2018-09-27 https://www.exploit-db.com/exploits/45463/ http://packetstormsecurity.com/files/149519/Super-Cms-Blog-Pro-1.0-SQL-Injection.html
SQL Injection exists in the Social Factory 3.8.3 component for Joomla! via the radius[lat], radius[lng], or radius[radius] parameter. Date published : 2018-09-27 https://www.exploit-db.com/exploits/45470/ http://packetstormsecurity.com/files/149525/Joomla-Social-Factory-3.8.3-SQL-Injection.html
SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! via the filter_order_Dir or filter_order parameter. Date published : 2018-09-27 https://www.exploit-db.com/exploits/45473/ http://packetstormsecurity.com/files/149529/Joomla-Swap-Factory-2.2.1-SQL-Injection.html
SQL Injection exists in the Collection Factory 4.1.9 component for Joomla! via the filter_order or filter_order_Dir parameter. Date published : 2018-09-27 https://www.exploit-db.com/exploits/45474/ http://packetstormsecurity.com/files/149530/Joomla-Collection-Factory-4.1.9-SQL-Injection.html
SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! via the filter_letter parameter. Date published : 2018-09-27 https://www.exploit-db.com/exploits/45469/ http://packetstormsecurity.com/files/149524/Joomla-Jobs-Factory-2.0.4-SQL-Injection.html
SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the start_date, m_start_date, or m_end_date parameter. Date published : 2018-09-27 https://www.exploit-db.com/exploits/45477/ http://packetstormsecurity.com/files/149533/Joomla-Article-Factory-Manager-4.3.9-SQL-Injection.html
SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! via the filter_order_Dir or filter_order parameter. Date published : 2018-09-27 https://www.exploit-db.com/exploits/45464/ http://packetstormsecurity.com/files/149520/Joomla-Raffle-Factory-3.5.2-SQL-Injection.html
SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter. Date published : 2018-09-27 https://www.exploit-db.com/exploits/45466/ http://packetstormsecurity.com/files/149522/Joomla-Penny-Auction-Factory-2.0.4-SQL-Injection.html