Kartris 1.6 – Arbitrary File Upload
>> ARCHIVE: 2020-05
Kartris 1.6 – Arbitrary File Upload
An independent vulnerability laboratory researcher discovered a blind sql-injection web vulnerability in the official cp…
Pi-hole < 4.4 – Remote Code Execution / Privileges Escalation
Pi-hole < 4.4 – Remote Code Execution
ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffers from a path traversal vulnerability that can lead to remote code execution.
Tiny MySQL suffers from a cross site scripting vulnerability.
Qik Chat version 3.0 for iOS suffers from a command injection vulnerability.
WordPress ChopSlider plugin version 3 suffers from a remote SQL injection vulnerability.
WebTareas version 2.0p8 suffers from a cross site scripting vulnerability.
ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffer from an authentication bypass vulnerability.