B-swiss 3 Digital Signage System 3.6.5 – Cross-Site Request Forgery (Add Maintenance Admin)
>> ARCHIVE: 2020-09
Anchor CMS 0.12.7 – Persistent Cross-Site Scripting (Authenticated)
BigTree CMS 4.4.10 – Remote Code Execution
Online Food Ordering System version 1.0 suffers from a remote code execution vulnerability.
Visitor Management System in PHP 1.0 – Persistent Cross-Site Scripting
Simple Online Food Ordering System 1.0 – ‘id’ SQL Injection (Unauthenticated)
Seat Reservation System version 1.0 suffers from an unauthenticated file upload vulnerability that allows for remote code execution.
Comodo Unified Threat Management Web Console version 2.7.0 suffers from a remote code execution vulnerability.
Flatpress Add Blog version 1.0.3 suffers from a persistent cross site scripting vulnerability.
Google’s osconfig agent was vulnerable to local privilege escalation due to relying on a predictable path inside the /tmp directory. An unprivileged malicious process could abuse this flaw to win…