School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/event/index.php?view=edit&id=.Read More ...
Continue Reading
16 сентября, 2022
OASES (aka Open Aviation Strategic Engineering System) 8.8.0.2 allows attackers to execute arbitrary code via the Open Print Folder menu.Read More ...
Continue Reading
16 сентября, 2022
HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id's.Read More ...
Continue Reading
16 сентября, 2022
A Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Storage Unit Rental Management System PHP 8.0.10 , Apache 2.4.14, SURMS V 1.0 via the Add New Tenant List Rent List form.Read More ...
Continue Reading
16 сентября, 2022
Genesys PureConnect Interaction Web Tools Chat Service (up to at least 26- September- 2019) allows XSS within the Printable Chat History via the participant -> name JSON POST parameter.Read More ...
Continue Reading
16 сентября, 2022
Cross Site Scripting (XSS vulnerability exists in )Sourcecodester News247 News Magazine (CMS) PHP 5.6 or higher and MySQL 5.7 or higher via the blog category name fieldRead More ...
Continue Reading
16 сентября, 2022
Improper Access Control in GitHub repository budibase/budibase prior to 1.3.20.Read More ...
Continue Reading
16 сентября, 2022
Adobe Animate version 21.0.11 (and earlier) and 22.0.7 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an al ...
Continue Reading
16 сентября, 2022
Back to Main
