Sar2HTML 3.2.1 – Remote Command Execution
>> ARCHIVE: 2019-08
Sar2HTML 3.2.1 – Remote Command Execution
D-Link 6600-AP suffers from cross site scripting, key extraction, shell escape, config file disclosure, and denial of service vulnerabilities.
Oracle Hyperion Planning version 11.1.2.3 suffer from an XML external entity injection vulnerability.
WebIncorp ERP – SQL injection
Ultimate Loan Manager 2.0 – Cross-Site Scripting