Pachno version 1.0.6 suffers from a remote shell upload vulnerability. The multipart file parameter to the /uploadfile endpoint allows authenticate...
InvoicePlane versions 1.6.3 and below suffer from a path traversal vulnerability in the getfile method of the Guest module...
Redaxo versions 5.20.1 and below suffer from a path traversal vulnerability...
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in ajaxcomplete.php...
OpenSTAManager versions 2.9.8 and below suffer from a remote time-based SQL injection vulnerability in the Article Pricing module...
Shopware versions greater than or equal to 6.7.0.0 and less than 6.7.6.1 have an improper control related to Twig rendered views...
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in ajaxselect.php...
OpenSTAManager versions 2.9.8 and below suffer from a cross site scripting vulnerability in modificaiva.php via the righe parameter...
Authentic 8 has a broken access control flaw that can be leveraged via an insecure direct object reference and can lead to PII information disclosure...
ChurchCRM versions 6.5.2 and below suffer from a persistent cross site scripting vulnerability in the person property assignment functionality. Not...