Online Resort Management System 1.0 – SQLi (Authenticated)
>> ARCHIVE: 2022-01
Online Resort Management System 1.0 – SQLi (Authenticated)
WorkTime 10.20 Build 4967 – Unquoted Service Path
Archeevo 5.0 – Local File Inclusion
The EFSRPC service on Microsoft Windows Server versions 2019 and 2022 does not prevent a caller specifying a local device path allowing any authenticated user to upload arbitrary files to…
Chrome suffers from a memory corruption vulnerability in IPC::ChannelAssociatedGroupController due to interface ID reuse.
This Metasploit module exploits an authenticated command injection vulnerability in the SonicWall SMA 100 series web interface. Exploitation results in command execution as root. The affected versions are 10.2.1.2-24sv and…
Apple Security Advisory 2022-01-12-1 – iOS 15.2.1 and iPadOS 15.2.1 addresses denial of service and resource exhaustion vulnerabilities.
Apple ColorSync suffers from out-of-bounds read vulnerabilities due to integer overflows in curve table initialization.
RLM version 14.2 suffers from a cross site scripting vulnerability.
Online Diagnostic Lab Management System version 1.0 suffers from an account takeover vulnerability.