PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the view-profile.php mem_id parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Red Lion HMI panels allow remote attackers to cause a denial of service (software exception) via an HTTP POST request to a long URI that does not exist, as demonstrated by version HMI 2.41 PLC 2.42. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP Scripts Mall Muslim Matrimonial Script allows arbitrary file upload via admin/mydetails_edit.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.