Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a client-side protection bypass due to an insecure direct object reference vulnerability.
>> CATEGORY: exploit
Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a remote file inclusion vulnerability by including arbitrary client-side dynamic scripts (JavaScript, VBScript, HTML) when adding content though the…
IDT PC Audio version 1.0.6499.0 suffers from an unquoted service path vulnerability.
Testa Online Test Management System version 3.4.7 suffers from a remote SQL injection vulnerability.
Proof of concept code that demonstrates a full CSP bypass in Chromium 83.
Savsoft Quiz version 5 suffers from a persistent cross site scripting vulnerability. This finding differs from the original discovery of persistent cross site scripting in this version found originally by…
Forma LMS version 2.3 suffers from a persistent cross site scripting vulnerability.
Composr CMS version 10.0.34 suffers from a persistent cross site scripting vulnerability.
WordPress Canto plugin version 1.3.0 suffers from an unauthenticated server-side request forgery vulnerability.
Phpscript SGH version 0.1.0 suffers from a remote blind SQL injection vulnerability.