Huawei HedEx Lite (DM) suffers from a path traversal vulnerability.
>> ARCHIVE: 2020-12
Huawei HedEx Lite (DM) suffers from a path traversal vulnerability.
VestaCP version 0.9.8-26 suffers from a cross site scripting vulnerability.
VestaCP version 0.9.8-26 suffers from an insufficient session validation vulnerability.
A session token vulnerability has been discovered in VestaCP version 0.9.8-26. The vulnerability allows remote attackers to gain unauthenticated or unauthorized access by client-side token manipulation.
Perfex CRM version 2.4.4 suffers from a persistent cross site scripting vulnerability.
CCt99 Chichen Tech CMS version 1.0 suffers from a remote SQL injection vulnerability.
Super Backup version 2.0.5 for iOS suffers from a directory traversal vulnerability.
CMS Made Simple 2.2.15 – Stored Cross-Site Scripting via SVG File Upload (Authenticated)
Laravel Nova 3.7.0 – ‘range’ DoS
Forma LMS 2.3 – ‘First & Last Name’ Stored Cross-Site Scripting