Monthly Archive: June 2021

There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality. Date published : 2021-06-03 https://consumer.huawei.com/en/support/bulletin/2021/2/

There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device’s...

There is a Security Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality. Date published : 2021-06-03 https://consumer.huawei.com/en/support/bulletin/2021/2/

There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause...

A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service...

IBM QRadar Advisor With Watson App 1.1 through 2.5 as used on IBM QRadar SIEM 7.4 could allow a remote user to obtain sensitive information from HTTP requests that could aid in further attacks...

Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access. Date published : 2021-06-03 https://bugzilla.redhat.com/show_bug.cgi?id=1889486

OBottle 2.0 in cg.php contains an arbitrary file download vulnerability. Date published : 2021-06-03 https://github.com/SomeBottle/OBottle/issues/6

OBottle 2.0 in ct.php contains an arbitrary file write vulnerability. Date published : 2021-06-03 https://github.com/SomeBottle/OBottle/issues/7

AppCMS 2.0.101 in /admin/template/tpl_app.php has a cross site scripting attack vulnerability which allows the attacker to obtain sensitive information of other users. Date published : 2021-06-03 https://github.com/source-trace/appcms/issues/7

AppCMS 2.0.101 in /admin/info.php has an arbitrary file deletion vulnerability which allows attackers to delete arbitrary files on the site. Date published : 2021-06-03 https://github.com/source-trace/appcms/issues/4

AppCMS 2.0.101 in /admin/app.php has an arbitrary file deletion vulnerability which allows attackers to delete arbitrary files on the site. Date published : 2021-06-03 https://github.com/source-trace/appcms/issues/3

AppCMS 2.0.101 in /admin/download_frame.php has a SQL injection vulnerability which allows attackers to obtain sensitive database information. Date published : 2021-06-03 https://github.com/source-trace/appcms/issues/2

An issue was discovered in zzcms2020. There is a XSS vulnerability that can insert and execute JS code arbitrarily via /user/manage.php. Date published : 2021-06-03 https://github.com/BLL-l/vulnerability_wiki/blob/main/zzcms/user_manage_xss.md