ManageEngine Network Configuration Manager version 12.2 suffers from a remote SQL injection vulnerability in apiKey.
>> ARCHIVE: 2020-01
This is a proof of concept for CVE-2018-8413 where the Microsoft Windows Theme API had a file parsing vulnerability.
Park Ticketing Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
This application, known as the SolarWinds n-Central Dumpster Diver, utilizes the nCentral agent dot net libraries to simulate the agent registration and pull the agent/appliance configuration settings. This information can…
ECTouch ECShop version 2.7.3 suffers from a remote SQL injection vulnerability.
KeePass version 2.44 suffers from a denial of service vulnerability.
An insufficient fix for CVE-2019-6205 means XNU vm_map_copy optimization which requires atomicity still is not atomic.
Citrix XenMobile Server version 10.8 suffers from an XML external entity injection vulnerability.
Employee Leaves Management System version 2.0 suffers from a cross site request forgery vulnerability.
ZOHO ManageEngine ServiceDeskPlus versions 11.0 Build 11007 and below suffer from a cross site scripting vulnerability.