#sql

News Script Pro version 2.4 suffers from a cross site scripting vulnerability.

Funeral Script version 3.1 suffers from a cross site scripting vulnerability.

FAQ Script version 2.3 suffers from a cross site scripting vulnerability.

Event Script version 2.1 suffers from a cross site scripting vulnerability.

Classified Ads Script version 1.8 suffers from a cross site scripting vulnerability.

GuestBook Script version 2.2 suffers from a cross site scripting vulnerability.

Alumni Club Management Tools version 2.2.7 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems. "These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements," SonarSource researcher Thomas Chauchefoin said, adding they could result in RCE on Soko because of a "misconfiguration of the database.

Rocket LMS version 1.7 suffers from a persistent cross site scripting vulnerability.

ONEST CRM version 1.0 suffers from a persistent cross site scripting vulnerability.