Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device’s SSH Authorized Keys data, and consequently obtain remote root…

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/cpeDqfbF62g/detail.php

Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps/default/mapAndPoint.

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/hxEI-LKydsY/detail.php

Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file.

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/uIjX8PKYrTY/detail.php

Topic: Chatting System PHP Ajax MySQL JavaScript 1.0 Cross Site Scripting Risk: Medium Text:# Exploit Title: Chatting System PHP Ajax MySQL JavaScript – xss # Google Dork: N/A # Date: 2017/31/12 # Exploit Author: Sha…

Link: https://cxsecurity.com/issue/WLB-2017120347

Topic: Chatting System PHP Ajax MySQL JavaScript 1.0 Shell Upload Risk: High Text:# Exploit Title: Chatting System PHP Ajax MySQL JavaScript – Remote Shell Upload # Google Dork: N/A # Date: 2017/31/12 # Exp…

Link: https://cxsecurity.com/issue/WLB-2017120348

Topic: Wikipedia Search Engine 1.0 Cross Site Scripting Risk: Low Text:# Exploit Title: Wikipedia Search Engine PHP – xss # Google Dork: N/A # Date: 2017/31/12 # Exploit Author: ShanoWeb # Autho…

Link: https://cxsecurity.com/issue/WLB-2017120350

Topic: Photo Fusion 1.0 Cross Site Scripting Risk: Low Text:# Exploit Title: Photo Fusion – Free Stock Photos Script – Xss # Google Dork: N/A # Date: 2017/31/12 # Exploit Author: Shano…

Link: https://cxsecurity.com/issue/WLB-2017120349