![]() ![]() ![]() Jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. The identifier of this vulnerability is VDB-228772.Ī DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows attackers to create arbitrary DLLs leading to code execution. The exploit has been disclosed to the public and may be used. The manipulation of the argument new_password leads to sql injection. This vulnerability affects unknown code of the file register/update_password.php of the component POST Parameter Handler. This makes it possible for authenticated attackers with subscriber privileges or above, to change user passwords and potentially take over administrator accounts.Ī vulnerability classified as critical was found in SourceCodester File Tracker Manager System 1.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. ![]() The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |