Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in search_product.php via the keyword parameters.Read More ...
Continue Reading
June 02, 2022
In Afian Filerun 20220202 Changing the "search_tika_path" variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.Read More ...
Continue Reading
June 02, 2022
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST requ ...
Continue Reading
June 02, 2022
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.Read More ...
Continue Reading
June 02, 2022
phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "auth_user" parameter in index.php script.Read More ...
Continue Reading
June 02, 2022
siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS).Read More ...
Continue Reading
June 02, 2022
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability. If exploited, threat actors may be able to access, modify or delete sensitive information, i ...
Continue Reading
June 02, 2022
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host ...
Continue Reading
June 02, 2022
Back to Main
