Shu

**Name of the Vulnerable Software and Affected Versions** SourceCodester Modern Image Gallery App version 1.0 **Description** A flaw exists in the file upload.php component of the application. Manipulating the `filename` argument can lead to cross site scripting. The exploit is publicly available and may be used for remote attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Reviewer System version 1.0 **Description** A flaw exists in code-projects Online Reviewer System 1.0 that allows for remote manipulation. Specifically, the `difficulty id` argument within an unknown function of the file `/system/system/admins/assessments/pretest/loaddata.php` is susceptible to SQL injection. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 31.0 Thunderbird versions prior to 31.0 **Description** The issue allows remote attackers to cause a denial of service, which includes memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. This can be achieved through multiple unspecified vulnerabilities in the browser engine. **Recommendations** For Mozilla Firefox versions prior to 31.0, update to version 31.0 or later to resolve the issue. For Thunderbird versions prior to 31.0, update to version 31.0 or later to resolve the issue.