Super Backup version 2.0.5 for iOS suffers from a directory traversal vulnerability.
dcba32401441371be6040dab9d02f9aeCCt99 Chichen Tech CMS version 1.0 suffers from a remote SQL injection vulnerability.
bc2e83cd36c6582f95d2d19d09fca06ePerfex CRM version 2.4.4 suffers from a persistent cross site scripting vulnerability.
2e24223958057e3c02abb2ba2fe607adA session token vulnerability has been discovered in VestaCP version 0.9.8-26. The vulnerability allows remote attackers to gain unauthenticated or unauthorized access by client-side token manipulation.
1ea034ed120e284dbcab37d365cf86efVestaCP version 0.9.8-26 suffers from an insufficient session validation vulnerability.
5693495d766edfecf79c2192197a61d7VestaCP version 0.9.8-26 suffers from a cross site scripting vulnerability.
3fd585e7f9508922fe245be4837be740Huawei HedEx Lite (DM) suffers from a path traversal vulnerability.
beabbaef5514a214d3d59a874598a14eMiniCMS version 1.10 suffers from a persistent cross site scripting vulnerability.
1f0cce18a35d8c0b4f0add9870bbddfbZabbix version 5.0.0 suffers from a persistent cross site scripting vulnerability.
ccb39e6d88f2f2332a974e9c7c310a5cCMS Made Simple version 2.2.15 suffers from a persistent cross site scripting vulnerability via an authenticated SVG file upload.
23f9b1ff24fb45885fbf0f6a1744a482Laravel Nova version 3.7.0 suffers from a denial of service vulnerability.
4e26aa9f540347a3c4d968f913015acbPhpscript SGH version 0.1.0 suffers from a remote blind SQL injection vulnerability.
43e118e3acbacc1b9eb7e46169960d14WordPress Canto plugin version 1.3.0 suffers from an unauthenticated server-side request forgery vulnerability.
3ec7dc0e09dcc769a2b2489201c42b65Composr CMS version 10.0.34 suffers from a persistent cross site scripting vulnerability.
1554ea400419bac7a60455ed7af756bbForma LMS version 2.3 suffers from a persistent cross site scripting vulnerability.
3206309649992f7fa224bfd2e0f96d17Savsoft Quiz version 5 suffers from a persistent cross site scripting vulnerability. This finding differs from the original discovery of persistent cross site scripting in this version found originally by th3d1gger.
a91a61bd00b96fa4f0b114c881a7edafProof of concept code that demonstrates a full CSP bypass in Chromium 83.
5f28bc1718fd589618d504b2b06e5d99Testa Online Test Management System version 3.4.7 suffers from a remote SQL injection vulnerability.
a75fa300cae515cf17bb8cdd0609e1abIDT PC Audio version 1.0.6499.0 suffers from an unquoted service path vulnerability.
190adfbb4f6804a7d922c77fcd673669Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a remote file inclusion vulnerability by including arbitrary client-side dynamic scripts (JavaScript, VBScript, HTML) when adding content though the input URL material of type html. This allows hijacking of the current session of the user, execute cross-site scripting code, or changing the look of the page and content modification on current display.
85b5e3c8c9cb495114ef096e2616e76aSony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a client-side protection bypass due to an insecure direct object reference vulnerability.
9c3322511ba56f41f33f9e40b9574a1aSony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a sensitive information disclosure vulnerability. An unauthenticated attacker can visit several API endpoints and disclose information running on the device.
d5e3f98a3416a94cb0997c3b35929711Invision Community version 4.5.4 suffers from a persistent cross site scripting vulnerability.
11486d1d36e1dad969555d94728eef17mojoPortal Forums version 2.7.0.0 suffers from a persistent cross site scripting vulnerability.
b4133233567d04db3046cf9382482021Online Matrimonial Project version 1.0 authenticated remote code execution exploit.
a96292b2fc8628e5695e9fde160febe4
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed