Customer Relationship Management (CRM) System version 1.0 suffers from a persistent cross site scripting vulnerability.
>> CATEGORY: exploit
Customer Relationship Management (CRM) System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Hexagon G!nius Auskunftsportal versions prior to 5.0.0.0 suffer from a remote SQL injection vulnerability.
Odoo version 12.0.20190101 suffers from an unquoted service path vulnerability.
Customer Relationship Management (CRM) System version 1.0 suffers from a remote shell upload vulnerability.
Chevereto version 3.17.1 suffers from a persistent cross site scripting vulnerability.
Android NFC suffers from a type confusion vulnerability in nfa_rw_sys_disable.
Splinterware System Scheduler Professional version 5.30 suffers an unquoted service path vulnerability.
The Container Manager Service does not impersonate the caller when granting access to virtual disk images leading to privilege escalation.
The Container Manager Service accepts an access token provided by the user without verification allowing an arbitrary process to be created with another user identity leading to privilege escalation.