Church Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Murat Demirci in July of 2021.
T-Soft E-Commerce version 4 suffers from a cross-site request forgery vulnerability.
This article discusses the CVE-2021-40444 vulnerability and an alternative path that reduces the lines of JS code needed to trigger the issue and does not require CAB archives.
Apple Security Advisory 2021-09-13-1 – iOS 14.8 and iPadOS 14.8 addresses code execution, integer overflow, and use-after-free vulnerabilities.
Tags: Apple, ios, osx
Apple Security Advisory 2021-09-13-2 – watchOS 7.6.2 addresses code execution and integer overflow vulnerabilities.
Tags: Apple, ios, osx
Apple Security Advisory 2021-09-13-3 – macOS Big Sur 11.6 addresses code execution, integer overflow, and use-after-free vulnerabilities.
Tags: Apple, ios, osx
Apple Security Advisory 2021-09-13-4 – Security Update 2021-005 Catalina addresses code execution and integer overflow vulnerabilities.
Tags: Apple, ios, osx
Apple Security Advisory 2021-09-13-5 – Safari 14.1.2 addresses code execution and use-after-free vulnerabilities.
Tags: Apple, ios, osx
Yenkee Hornet Gaming Mouse – ‘GM312Fltr.sys’ Denial-Of-Service (PoC)
Tags: 0day, remote exploit
WebsiteBaker 2.13.0 – Remote Code Execution (RCE) (Authenticated)
Tags: 0day, remote exploit