#firefox

KesionCMS X version 9.5 suffers from an unauthenticated add administrator vulnerability.

Pannres-Idence CMS version 7.3 suffers from a cross site request forgery vulnerability.

Ormesson-Immobilier CMS version 8 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

osCommerce version 4 suffers from a local file inclusion vulnerability.

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 2 and June 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

P2S CMS version 0.1 suffers from a cross site scripting vulnerability.

MVC Shop version 0.5 suffers from a directory traversal vulnerability.

PHP Live version 3.1 suffers from a cross site scripting vulnerability.

Acelle Email Marketing version 4.0.25 suffers from an arbitrary file upload vulnerability.

Kesion CMS X version 2.0 suffers from an unauthenticated add administrator vulnerability.