>> ARCHIVE: 2022-04
Zenario CMS 9.0.54156 – Remote Code Execution (RCE) (Authenticated)
KLiK Social Media Website 1.0 – ‘Multiple’ SQLi
Kramer VIAware – Remote Code Execution (RCE) (Root)
ICEHRM 31.0.0.0S – Cross-site Request Forgery (CSRF) to Account Deletion
qdPM 9.2 – Cross-site Request Forgery (CSRF)
Sherpa Connector Service v2020.2.20328.2050 – Unquoted Service Path
minewebcms 1.15.2 – Cross-site Scripting (XSS)
SAP Information System version 1.0 suffers from a remote shell upload vulnerability.
Online Sports Complex Booking System version 1.0 suffers from a remote blind SQL injection vulnerability in Users.php. This is a similar issue to the one discovered by Saud Alenazi in…
cmark-gfm, GitHub’s markdown parsing library, is vulnerable to an out-of-bounds write when parsing markdown tables with a high number of columns, due to an overflow of the 16-bit column count.