KORA version 2.7.0 suffers from a remote SQL injection vulnerability.
>> ARCHIVE: 2018-10
KORA version 2.7.0 suffers from a remote SQL injection vulnerability.
HotelDruid version 2.2.4 suffers from a remote SQL injection vulnerability.
Navigate CMS version 2.8.5 suffers from an arbitrary file download vulnerability.
Kados R10 GreenBee suffers from a remote SQL injection vulnerability.
Vishesh Auto Index version 3.1 suffers from a remote SQL injection vulnerability.
Rukovoditel Project Management CRM version 2.3 suffers from a remote SQL injection vulnerability.
MV Video Sharing Software version 1.2 suffers from a remote SQL injection vulnerability.
HighPortal version 12.5 suffers from a cross site scripting vulnerability.
GIU Gallery Image Upload version 0.3.1 suffers from a remote SQL injection vulnerability.
On Microsoft Windows, the FSCTL_FIND_FILES_BY_SID control code does not check for permissions to list a directory leading to disclosure of file names when a user is not granted FILE_LIST_DIRECTORY access.