aceftp,unknown version,Other

Published: Thursday, 18 August 2016

aceftp [abandonware],unknown, Download Permssion Extension not currently under development...

Read more: aceftp,unknown version,Other

Huge IT Catalog,1.0.6,SQL Injection

Published: Saturday, 13 August 2016

Huge IT Catalog,1.0.6 and previous versions ,SQL Injection and XSS vulnerability...

Read more: Huge IT Catalog,1.0.6,SQL Injection

K2,2.7.0,XSS (Cross Site Scripting)

Published: Wednesday, 03 August 2016

K2,2.7.0,XSS (Cross Site Scripting)

resolution: update to 2.7.1

update notice url:

Note that the VEL do not agree with the developer's assessment that XSS vulnerability is low priority...

Read more: K2,2.7.0,XSS (Cross Site Scripting)


Published: Saturday, 13 August 2016

nitroslider,1.0.0 open folder permissions

update to 1.0.1

update notice:

Read more: nitroslider,1.0.0

Payplans SQLi

Published: Tuesday, 26 July 2016

SQL Injection In PayPlans. (readybytes)developer update notice. notified report...

Read more: Payplans SQLi