Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action.
Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and delete an answer and delete a poll.
Zend_XmlRpc Class in Magento before 184.108.40.206 contains an information disclosure vulnerability.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0342. Reason: This candidate is a duplicate of [ID]. Notes: All CVE users should reference CVE-2013-0342 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords.