Arastta version 1.6.2 suffers from a cross site scripting vulnerability.
>> CATEGORY: exploit
Arastta version 1.6.2 suffers from a cross site scripting vulnerability.
Trovebox versions 4.0.0-rc6 and below suffer from authentication bypass, server-side request forgery, unsafe token generation, nd remote SQL injection vulnerabilities.
If the /install/ directory was not removed, it is possible for an unauthenticated attacker to run the “install_4.php” script, which will create the configuration file for the installation. This allows…
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender suffers from an unauthorized remote reboot vulnerability.
Frog CMS version 0.9.5 suffers from a persistent cross site scripting vulnerability.
Google Chrome V8 suffers from an arrow function scope fixing bug.
Shopy Point of Sale version 1.0 suffers from a CSV injection vulnerability.
Blog Master Pro version 1.0 suffers from a CSV injection vulnerability.
HRSALE The Ultimate HRM version 1.0.2 suffers from a CSV injection vulnerability.
HRSALE The Ultimate HRM version 1.0.2 suffers from a remote SQL injection vulnerability.