Packet Storm

e2 Distr CMS version 2.8.5.3 appears to leave backups in a world accessible directory under the document root.

DriverPack Solution CMS version 17.11.108 suffers from a cross site scripting vulnerability.

DMIS:CRI LMS version 2.0 suffers from a remote SQL injection vulnerability.

Discussion On Kontackt The Exclusive PHP Social Network Platform version 1.18 suffers from a cross site scripting vulnerability.

Digisha CMS version 1.2.7 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

DigaSell Digital Store PHP Script version 1.0.0 suffers from a remote blind SQL injection vulnerability.

Doma CMS version 1.0 suffers from a cross site scripting vulnerability.

Desenvolvido C3iM CMS version 2.0 suffers from a cross site scripting vulnerability.

Deprixa version 3.2.5 suffers from a cross site request forgery vulnerability.

The EuroTel ETL3100 TV and FM transmitters suffer from an unauthenticated configuration and log download vulnerability. This will enable the attacker to disclose sensitive information and help him in authentication bypass, privilege escalation and full system access.