#php

Farmacia Gama version 1.0 suffers from a cross site scripting vulnerability.

Ecommerce version 1.15 suffers from an ignored default credential vulnerability.

Covid-19 Contact Tracing System version 1.0 suffers from a cross site scripting vulnerability.

Car Rental Management System version 1.0 suffers from a cross site scripting vulnerability.

BloodBank version 1.1 suffers from an ignored default credential vulnerability.

Bhojon Restaurant Management System version 2.9 suffers from an ignored default credential vulnerability.

FlatPress version 1.3.1 suffers from a path traversal vulnerability.

In K7 Ultimate Security versions prior to 17.0.2019, the driver file (K7RKScan.sys - this version 15.1.0.7) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of a null pointer dereference from IOCtl 0x222010 and 0x222014. At the same time, the drive is accessible to all users in the "Everyone" group.

Kortex version 1.0 suffers from an insecure direct object reference vulnerability.

WordPress MapFig Studio plugin versions 0.2.1 and below suffer from cross site request forgery and cross site scripting vulnerabilities.