#firefox

Ad Manager Pro version 3.05 suffers from a backup disclosure vulnerability.

Active Matrimonial CMS version 1.4 suffers from an html injection vulnerability.

Acon Architecture and Construction Website CMS version 1.2 appears to leave default credentials installed after installation.

ACJWEB DESIGNER version 1.0 suffers from a remote SQL injection vulnerability.

Ubuntu Security Notice 6143-3 - USN-6143-1 fixed vulnerabilities and USN-6143-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.

A Cart version 2.0 suffers from a database disclosure vulnerability.

3CX Open Standards Software IP PBX Thailand version 2.0.3 suffers from a cross site scripting vulnerability.

File Upload vulnerability in PluckCMS v.4.7.10 dev versions allows a remote attacker to execute arbitrary code via a crafted image file to the the save_file() parameter.

An issue discovered in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary php code via the hidden parameter to admin.php when editing a page.

File upload vulnerability in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary code and access sensitive information via the theme.php file.