Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
4708fa1d8159b0a5e606bdb26e1454e8df1d8bf6e11d9ad63c84e12e8edc8daa
Joomla Advertisement Board Classifieds extension version 3.2.0 suffers from a remote shell upload vulnerability.
cb33f11ebeca9483a5297d5ecd0cfdc213480673b35d166d7c8cde8b76a135e1
Froxlor version 0.9.37 suffers from an HTML injection vulnerability.
69b8200d1ea5724f13eef7c2da720d54ad8cb24a0f3f6270f5c6728715473215
Atlassian Bamboo versions prior to 6.1.6 and 6.2.0 through 6.2.5 suffer from code execution and argument injection vulnerabilities.
fca84ac002b1e70651aa751b7a890b5e69d0d5a6286d654049f33496dfc1b566
EMC xPression version 4.5SP1 Patch 13 suffers from a remote SQL injection vulnerability.
5833ec6d1bb9741766a0d0c2db74411b03b75e4299a47647d36cb1353ee9fc81
b2evolution CMS versions 6.6.0 through 6.8.10 suffer from a PHP code execution vulnerability.
18f4539cf4fe17463b3faf5e2e74c177b2bf60a531b9f8efa46e3f91d9e46207
Red Hat Security Advisory 2018-0005-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.9.
da4d148213b905c54870cc63a402378e78af2489a3982d2a9ab6286f37da7986
Red Hat Security Advisory 2018-0004-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.
99395ce850cc272eac4ec7c1a8dac4ff956cb400415c67a3158acee4d1fafc1f
Red Hat Security Advisory 2018-0002-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.
fe6966e50679bbf7e8aea17cd40bfd2c72cd3c4d7958627a19df68ca42e30431
Red Hat Security Advisory 2018-0003-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.
943628da3b7fc89f7d89db9e0feb44ab9859636ca60338cf86778d6370406a38
Ubuntu Security Notice 3477-4 - USN-3477-1 fixed vulnerabilities in Firefox. The update introduced a crash reporting issue where background tab crash reports were sent to Mozilla without user opt-in. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the address bar, or execute arbitrary code. Various other issues were also addressed.
d602c30afc36eea09eaf2bc581881faa087a17f86a06f99eb5a6e1e0e46fab65
WordPress Smart Google Code Inserter plugin versions prior to 3.5 suffer from a remote SQL injection vulnerability that allows for authentication bypass.
8a02a88c708746690ff4471ebe6fdf838e607e8d762b5671225a5fa6f5240d57
Joomla EXP Auto extension version 4.2.3 suffers from a remote SQL injection vulnerability.
f84fb31cd45da2f842d07bab50f95f9534adbdeb3908a28eb5da3221d7ecde97
Joomla RealEstateManager extension version 4.2.0 suffers from a remote SQL injection vulnerability.
ef44dc5268e6c2652b8e02ad25f66968704fb47ae386e3ef3d01aae684c2c25b
Joomla VehicleManager extension version 3.9.15 suffers from a remote SQL injection vulnerability.
749c2f813923724f824cf4cd1d13160626733e194df77139b8a9a785072042ff
Fortinet Installer Client 5.6 for Windows PC suffers from a DLL hijacking vulnerability.
840487916fe937e47caf1789c6cf8889df17d9612214fe814cd9318a42c2cadd