COVID19 Testing Management System 1.0 – ‘searchdata’ SQL Injection
>> AUTHOR: deepcore
COVID19 Testing Management System 1.0 – ‘searchdata’ SQL Injection
Altova MobileTogether Server 7.3 – XML External Entity Injection (XXE)
RATES SYSTEM 1.0 – ‘Multiple’ SQL Injections
Canon TR150 print drivers versions 3.71.2.10 and below allow local users to read/write files within the “CanonBJ” directory and its subdirectories. By overwriting the DLL at C:\ProgramData\CanonBJ\IJPrinter\CNMWINDOWS\Canon TR150 series\LanguageModules\040C\CNMurGE.dll with…
http://english.dip.go.th/ma.txt notified by Moroccan Revolution
Cockpit CMS version 0.11.1 username enumeration and password reset NoSQL injection exploit.
WordPress LifterLMS plugin version 4.21.1 suffers from an insecure direct object reference vulnerability.
IPCop version 2.1.9 authenticated remote code execution exploit.
WordPress Picture Gallery plugin version 1.4.2 suffers from a persistent cross site scripting vulnerability.
Facebook for Android is vulnerable to a permission issue which allows anyone with physical access to the Android device, to accept friend requests without unlocking the phone. Facebook does not…