It is found that there is a command injection vulnerability in the setopenvpnclientcfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows attackers to execute arbitrary commands through a carefully constructed payload Date published :...
Sourcecodester Medical Hub Directory Site 1.0 is vulnerable to SQL Injection via /mhds/clinic/view_details.php. Date published : 2022-05-05 https://packetstormsecurity.com/files/166539
Sourcecodester Covid-19 Directory on Vaccination System 1.0 is vulnerable to SQL Injection via cmdcategory. Date published : 2022-05-05 https://packetstormsecurity.com/files/166481/Covid-19-Directory-On-Vaccination-System-1.0-SQL-Injection.html
In ffjpeg (commit hash: caade60), the function bmp_load() in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfif_encode() in jfif.c. This is due to the incomplete patch for...
novel-plus 3.6.0 suffers from an Arbitrary file reading vulnerability. Date published : 2022-05-05 https://github.com/201206030/novel-plus/issues/85
mingyuefusu Library Management System all versions as of 03-27-2022 is vulnerable to SQL Injection. Date published : 2022-05-05 https://github.com/lanfei-4/mingyuefusu/issues/1
Beijing Runnier Network Technology Co., Ltd Open virtual simulation experiment teaching management platform software 2.0 has a file upload vulnerability, which can be exploited by an attacker to gain control of the server. Date...
Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the todate parameter. Date published : 2022-05-05 https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html
College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter. Date published : 2022-05-05 College Management System In PHP With Source Code https://github.com/erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows...
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, a stored cross-site scripting (XSS) vulnerability exists in an...
On F5 Access for Android 3.x versions prior to 3.0.8, a Task Hijacking vulnerability exists in the F5 Access for Android application, which may allow an attacker to steal sensitive user information. Note: Software...
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance...
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows...