IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root. The first is an unauthenticated bypass, followed…
>> AUTHOR: deepcore
http://www.laoluang101.go.th/datafile/JT.html notified by Mr.GonzX
Online Clothing Store 1.0 – Persistent Cross-Site Scripting
YesWiki cercopitheque 2020.04.18.1 – ‘id’ SQL Injection
i-doit Open Source CMDB 1.14.1 – Arbitrary File Deletion
Booked Scheduler 2.7.7 – Authenticated Directory Traversal
Online Clothing Store 1.0 – ‘username’ SQL Injection
webTareas 2.0.p8 – Arbitrary File Deletion
GitLab 12.9.0 – Arbitrary File Read
xt:Commerce versions 5.4.1, 6.2.1, and 6.2.2 suffer from an improper access control vulnerability. A logged-in customer can create and alter addresses. These addresses are referenced by incrementing IDs. On saving…