Task Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
>> ARCHIVE: 2020-12
Tibco ObfuscationEngine version 5.11 uses a fixed key for decryption operations, making it pointless.
The Microsoft Windows Cloud Filter driver can be abused to create arbitrary files and directories leading to elevation of privilege.
The Microsoft Windows Cloud Filter access check does not take into account restrictions such as Mandatory Labels allowing a user to bypass security checks.
The Microsoft Windows Cloud Filter HsmOsBlockPlaceholderAccess function allows a user to create arbitrary registry keys in the .DEFAULT users hive leading to elevation of privilege.
The Microsoft Windows WOF filter driver does not correctly handle the reparse point setting which allows for an arbitrary file to be cached signed leading to a bypass of UMCI.
WordPress Plugin Popup Builder 3.69.6 – Multiple Stored Cross Site Scripting
Openfire 4.6.0 – ‘path’ Stored XSS
OpenCart 3.0.3.6 – Cross Site Request Forgery
Barcodes generator 1.0 – ‘name’ Stored Cross Site Scripting