Kimai 1.14 – CSV Injection
>> CATEGORY: Security
Kimai 1.14 – CSV Injection
Montiorr 1.7.6m – File Upload to XSS
WordPress Plugin WPGraphQL 1.3.5 – Denial of Service
Hasura GraphQL 1.3.3 – Remote Code Execution
OpenPLC 3 – Remote Code Execution (Authenticated)
SEO Panel 4.8.0 – ‘order_col’ Blind SQL Injection (2)
Moodle 3.10.3 – ‘url’ Persistent Cross Site Scripting
GetSimple CMS My SMTP Contact Plugin 1.1.2 – CSRF to Stored XSS to RCE
DzzOffice 2.02.1 – ‘Multiple’ Cross-Site Scripting (XSS)
Sipwise C5 NGCP CSC – ‘Multiple’ Stored/Reflected Cross-Site Scripting (XSS)