Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)
Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)
Genexis Platinum-4410 P4410-V2-1.31A – ‘start_addr’ Persistent Cross-Site Scripting
Linksys EA7500 2.0.8.194281 – Cross-Site Scripting
Ovidentia 6 – ‘id’ SQL injection (Authenticated)
MyBB version 1.8.25 suffers from a remote SQL injection vulnerability.
WordPress Mapplic-Lite plugin version 1.0 suffers from a server-side request forgery vulnerability that can be leveraged to commit cross site scripting attacks.
WordPress Mapplic plugin versions 6.1 and below suffer from a server-side request forgery vulnerability that can be leveraged to commit cross site scripting attacks.
Hi-Rez Studios version 5.1.6.3 suffers from an unquoted service path vulnerability.
ELAN Touchpad version 15.2.13.1_X64_WHQL suffers from an unquoted service path vulnerability.
ActivIdentity version 8.2 suffers from an unquoted service path vulnerability.