OpenVPN Monitor versions 1.1.3 and below suffer from a cross site request forgery vulnerability that allows an attacker to disconnect arbitrary VPN clients.
8fe8676ce55952fcce460972fb63424cOpenVPN Monitor versions 1.1.3 and below suffer from an injection vulnerability that allows an attacker to inject arbitrary commands into the OpenVPN server management interface socket.
6ea912419e5cea8787dd7f4766877eefOpenVPN Monitor versions 1.1.3 and below suffer from an authorization bypass vulnerability that allows an attacker to disconnect arbitrary clients, even if the disconnect feature is disabled.
e062e120ca7f341e24487a82f218030cSmarterTools SmarterTrack 7922 suffers from an information disclosure vulnerability.
eee4a3d556dbb4d6a7731be368f9471bWordPress 3DPrint Lite plugin version 1.9.1.4 suffers from a remote shell upload vulnerability.
df05024a490ce087dd2a9ea5257bf09cPharmacy Point of Sale System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0c421cadb58ed3860edd48c36da90815Police Crime Record Management Project version 1.0 suffers from a remote SQL injection vulnerability.
799b2319f52c524aa996f903df4c7448Redragon Gaming Mouse suffers from a denial of service vulnerability.
a001d0c25a8946620304491113760b3fWordPress Advanced Order Export For WooCommerce plugin version 3.1.7 suffers from a cross site scripting vulnerability.
cda16c38c590a26e4758142316be12a5WordPress Fitness Calculators plugin version 1.9.5 suffers from a cross site request forgery vulnerability.
30ca373f3886f6f98013bb82a0a42e7cBackdrop CMS version 1.20.0 suffers from cross site request forgery vulnerabilities that can assist an attacker in achieving command execution.
2e44ed7c8aa4c0431592175c5c6161c9Gurock Testrail version 7.2.0.3014 suffers from an improper access control vulnerability.
ca364a6a681f0978d5193d137515cfbcChrome suffers from a HRTFDatabaseLoader::WaitForLoaderThreadCompletion data race condition.
0aaadc59ac484d75a50e47a84bef9a4bOpenCats version 0.9.4-2 suffers from an XML external entity injection vulnerability.
4657a1136a0bf436beecf92beabb9bb7E-Negosyo System version 1.0 suffers from a remote shell upload vulnerability.
f0d85a1322ee67d65a1f75316c55eebcE-Negosyo System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.
75b7dc2867d4a8eb9c0953dc3831e66fe107 CMS version 2.3.0 authenticated remote shell upload exploit.
efc7054ac1ba787888db18351c577bccOnline Reviewer System version 1.0 suffers from a remote shell upload vulnerability.
ae34b4deb334f94e046ad7ea3919c2b1South Gate Inn Online Reservation System version 1.0 suffers from a remote SQL injection vulnerability that allows for a shell upload.
69fa9931e645aa63507e752a01212b6bSentry version 8.2.0 suffers from a remote code execution vulnerability.
7ab59d06aee52c87e42e7da434c4a24bFilerun version 2021.03.26 authenticated remote code execution exploit.
f9ac55e431c2a7f0daa0eb4d6922bea0TotalAV version 5.15.69 suffers from an unquoted service path vulnerability.
f60e46c8d3377f891ee188835e438cd2Simple Attendance System version 1.0 suffers from a remote SQL injection vulnerability.
62a8cbbf17593175cd123e2b14cd74efCloudron version 6.2 suffers from a cross site scripting vulnerability.
04e5263b2aba1564e3b29ea91dd03411An HTTP endpoint used by the Manage Engine OpManager Smart Update Manager component can be leveraged to deserialize an arbitrary Java object. This can be abused by an unauthenticated remote attacker to execute OS commands in the context of the OpManager application. This vulnerability is also present in other products that are built on top of the OpManager application. This vulnerability affects OpManager versions 12.1 through 12.5.328.
500769d3199b6e8b0a42f614f06b6820
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed