Care2x Integrated Hospital Info System version 2.7 suffers from multiple remote SQL injection vulnerabilities.
CloverDX version 5.9.0 cross site request forgery to remote code execution exploit.
ObjectPlanet Opinio version 7.12 suffers from reflective and persistent cross site scripting vulnerabilities.
Denver IP Camera SHO-110 suffers from an unauthenticated disclosure of a snapshot.
Longjing Technology BEMS API version 1.21 suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used…
Oracle Fatwire version 6.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
The msExchStorageGroup schema class added during Exchange installation can be used to create almost any AD object including users, groups or domain trusts leading to elevation of privilege.
The msExchStorageGroup schema class added during Exchange installation can be used to create almost any AD object including users, groups or domain trusts leading to elevation of privilege.
http://secondary33.go.th/vuln.gif notified by MiSh
TripSpark VEO Transportation suffers from a remote blind SQL injection vulnerability.