Monthly Archive: June 2021

In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability. Date published : 2021-06-24 https://gitee.com/ibos/IBOS/issues/I18IIV

phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php. Date published : 2021-06-24 https://github.com/slackero/phpwcms/issues/286

In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody[content] parameter. Date published : 2021-06-24 https://gitee.com/ibos/IBOS/issues/I189ZF

Cross Site Scripting (XSS) vulnerability in Roundcube Mail

Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php. Date published : 2021-06-24 https://github.com/roundcube/roundcubemail/issues/7406 https://lorexxar.cn/2020/06/10/roundcube-mail-xss/#Store-Xss-in-installer-test-php

Cross Site Scripting (XSS) vulnerabililty in WebPort

SQL Injection vulnerability in WebPort

Directory Traversal vulnerability in WebPort

Cross Site Scripting (XSS) vulnerability in WebPort

Cross Site Scripting (XSS) vulnerability in gnuboard5

SQL Injection vulnerability in gnuboard5

Cross Site Scripting (XSS) vulnerability in gnuboard5

An issue was found in the Evernote client for Windows 10, 7, and 2008 in the protocol handler. This enables attackers for arbitrary command execution if the user clicks on a specially crafted URL....

An issue was discovered in function addMeByRC in the smart contract implementation for RC, an Ethereum token, allows attackers to transfer an arbitrary amount of tokens to an arbitrary address. Date published : 2021-06-24...