webTareas 2.0.p8 – Arbitrary File Deletion
webTareas 2.0.p8 – Arbitrary File Deletion
Online Clothing Store 1.0 – ‘username’ SQL Injection
Booked Scheduler 2.7.7 – Authenticated Directory Traversal
i-doit Open Source CMDB 1.14.1 – Arbitrary File Deletion
YesWiki cercopitheque 2020.04.18.1 – ‘id’ SQL Injection
Online Clothing Store 1.0 – Persistent Cross-Site Scripting
xt:Commerce version 5.4.1, 6.2.1, and 6.2.2 suffer from an improper access control vulnerability. A logged-in customer can create and alter addresses. These addresses are referenced by incrementing IDs. On saving…
Proof of concept denial of service exploit for the recent OpenSSL signature_algorithms_cert vulnerability.
TP-LINK Cloud Cameras including products NC200, NC210, NC220, NC230, NC250, NC260, and NC450 suffer from a command injection vulnerability. The issue is located in the swSystemSetProductAliasCheck method of the ipcamera…
TP-LINK Cloud Cameras including products NC200, NC210, NC220, NC230, NC250, NC260, and NC450 suffer from having a hardcoded encryption key. The issue is located in the methods swSystemBackup and sym.swSystemRestoreFile,…