This archive contains all of the 146 exploits added to Packet Storm in July, 2019.
1CRM On-Premise Software 8.5.7 – Persistent Cross-Site Scripting
Rest – Cafe and Restaurant Website CMS – ‘slug’ SQL Injection
Sar2HTML 3.2.1 – Remote Command Execution
D-Link 6600-AP suffers from cross site scripting, key extraction, shell escape, config file disclosure, and denial of service vulnerabilities.
Oracle Hyperion Planning version 11.1.2.3 suffer from an XML external entity injection vulnerability.
WebIncorp ERP – SQL injection
Ultimate Loan Manager 2.0 – Cross-Site Scripting
JSC suffers from a data mishandling bug in ytecodeGenerator::emitEqualityOpImpl.
A bug in JSC YarrJIT initParenContextFreeList allows for bytes to be overwritten.