Aimeos Laravel ecommerce platform 2021.10 LTS – ‘sort’ SQL injection
>> CATEGORY: Security
Aimeos Laravel ecommerce platform 2021.10 LTS – ‘sort’ SQL injection
Bludit 3.13.1 – ‘username’ Cross Site Scripting (XSS)
Quick.CMS 6.7 – Cross Site Request Forgery (CSRF) to Cross Site Scripting (XSS) (Authenticated)
CMDBuild 3.3.2 – ‘Multiple’ Cross Site Scripting (XSS)
Online Learning System 2.0 – Remote Code Execution (RCE)
WordPress Plugin WPSchoolPress 2.1.16 – ‘Multiple’ Cross Site Scripting (XSS)
WordPress Plugin Contact Form to Email 1.3.24 – Stored Cross Site Scripting (XSS) (Authenticated)
KONGA 0.14.9 – Privilege Escalation
Simple Subscription Website 1.0 – SQLi Authentication Bypass
Fuel CMS 1.4.13 – ‘col’ Blind SQL Injection (Authenticated)