ElasticSearch 7.13.3 – Memory disclosure
ElasticSearch 7.13.3 – Memory disclosure
WordPress Plugin Simple Post 1.1 – ‘Text field’ Stored Cross-Site Scripting (XSS)
Vehicle Parking Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version is attributed to Tushar Vaidya in…
Vehicle Parking Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to gh1mau in July of 2020.
Proof of concept code for a time-based blind remote SQL injection vulnerability in Online Shopping Portal version 3.1. This is a variant of the original discovery of SQL injection in…
News Portal Project version 3.1 suffers from multiple remote time-based SQL injection vulnerabilities.
CSZ CMS version 1.2.9 suffers from an arbitrary file deletion vulnerability.
Ampache version 4.4.2 suffers from a cross site scripting vulnerability.
Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel’s filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local…