WordPress Plugin Modern Events Calendar 5.16.2 – Remote Code Execution (Authenticated)
>> ARCHIVE: 2021-07
WordPress Plugin Modern Events Calendar 5.16.2 – Remote Code Execution (Authenticated)
Scratch Desktop 3.17 – Cross-Site Scripting/Remote Code Execution (XSS/RCE)
phpAbook version 0.9i suffers from a remote SQL injection vulnerability.
Doctors Patients Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability.
Apache Superset version 1.1.0 suffers from a time-based account enumeration vulnerability.
A KVM guest on AMD can launch a L2 guest without the Intercept VMRUN control bit by exploiting a TOCTOU vulnerability in nested_svm_vmrun. Executing vmrun from the L2 guest, will…
Vianeos OctoPUS 5 – ‘login_user’ SQLi
Online Voting System 1.0 – Remote Code Execution (Authenticated)
Online Voting System 1.0 – Authentication Bypass (SQLi)