#webkit

Grawlix version 1.5.1 suffers from a cross site scripting vulnerability.

An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\helpers\insert.php.

Jorani version 1.0.3 suffers from a cross site scripting vulnerability.

Uvdesk version 1.1.4 suffers from a persistent cross site scripting vulnerability.

Dolibarr version 17.0.1 suffers from a persistent cross site scripting vulnerability.

Global Multi School Management System Express version 1.0 suffers from a remote SQL injection vulnerability.

SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.

Ubuntu Security Notice 6289-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

E-Fun CMS version 5.0 suffers from an XML external entity injection vulnerability.