SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php.. Devamını Oku

SQL Injection vulnerability in NukeViet CMS 4.0.10 – 4.3.07 via:the topicsid parameter in modules/news/admin/addtotopics.php. Devamını Oku

SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the (1) listid parameter in detail.php and the (2) group_price or groupid parameters…

Cross Site Scripting vulnerabiity exists in WDScanner 1.1 in the system management page. Devamını Oku

Cross Site Request Forgery (CSRF) vulnerability in FlatPress 1.1 via the DeleteFile function in flat/admin.php. Devamını Oku

Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to…

The LearnPress plugin before 3.2.6.9 for WordPress allows remote attackers to escalate the privileges of any user to LP Instructor via the accept-to-be-teacher action parameter.…

A logic bug in system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allowed to bypass Windows memory protection and access sensitive data.…

Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706. Devamını Oku

The package glances before 3.2.1 are vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is…