Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2021-25857: Admin setup option getshell · Issue #2 · pcmt/superMicro-CMS

An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the font_type parameter to setup.php.

CVE
Open in Source
#vulnerability#windows#apache#php#auth
OutSystems Service Studio 11.53.30 DLL Hijacking

OutSystems Service Studio version 11.53.30 suffers from a dll hijacking vulnerability.

i2soft CMS 2.0 Insecure Direct Object Reference

i2soft CMS version 2.0 suffers from an insecure direct object reference vulnerability.

helloGTX Travel Portal CRM 1.6 Insecure Direct Object Reference

helloGTX Travel Portal CRM version 1.6 suffers from an insecure direct object reference vulnerability.

FlatApp Premium Admin Dashboard 1.0 SQL Injection

FlatApp Premium Admin Dashboard version 1.0 suffers from a remote SQL injection vulnerability.

Greeva 2.0 SQL Injection

Greeva version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Easy Web Portal 2.1.1 Cross Site Scripting

Easy Web Portal version 2.1.1 suffers from a cross site scripting vulnerability.

Easy Password Manager 1.1 Information Disclosure

Easy Password Manager version 1.1 suffers from an administrative information disclosure vulnerability.

Easy Member Pro 3.0 Insecure Direct Object Reference

Easy Member Pro version 3.0 suffers from an insecure direct object reference vulnerability.