Day: October 4, 2021

OnionShare 2.3.0/2.3.1/2.3.2/2.3.3 Chat information disclosure

A vulnerability classified as problematic has been found in OnionShare 2.3.0/2.3.1/2.3.2/2.3.3. Affected is an unknown code block of the component

Common Vulnerabilities and Exposures

Adobe XMP Toolkit SDK up to 2020.1 CPP File heap-based overflow

A vulnerability classified as critical was found in Adobe XMP Toolkit SDK up to 2020.1. Affected by this vulnerability is

Common Vulnerabilities and Exposures

OnionShare 2.3.0/2.3.1/2.3.2/2.3.3 Receive unrestricted upload

A vulnerability, which was classified as critical, has been found in OnionShare 2.3.0/2.3.1/2.3.2/2.3.3. Affected by this issue is an unknown

Common Vulnerabilities and Exposures

Gila CMS 2.2.0 Picture Name resource injection

A vulnerability, which was classified as problematic, was found in Gila CMS 2.2.0 (Content Management System). This affects an unknown

Common Vulnerabilities and Exposures

Laravel Booking System Booking Core 2.0 Avatar Upload cross site scripting

A vulnerability has been found in Laravel Booking System Booking Core 2.0 and classified as problematic. This vulnerability affects some

Common Vulnerabilities and Exposures

Laravel Booking System Booking Core 2.0 Verification Page access control

A vulnerability was found in Laravel Booking System Booking Core 2.0 and classified as problematic. This issue affects an unknown

Common Vulnerabilities and Exposures

Laravel Booking System Booking Core 2.0 Password Change change-password user session

A vulnerability was found in Laravel Booking System Booking Core 2.0. It has been classified as critical. Affected is an

Common Vulnerabilities and Exposures

IceHrm 30.0.0 user session [CVE-2021-38823]

A vulnerability was found in IceHrm 30.0.0. It has been declared as critical. Affected by this vulnerability is an unknown

Common Vulnerabilities and Exposures

Calibre-Web up to 0.6.12 Metadata cross site scripting

A vulnerability was found in Calibre-Web up to 0.6.12. It has been rated as problematic. Affected by this issue is

Common Vulnerabilities and Exposures

IceHrm 30.0.0.OS File Upload cross site scripting

A vulnerability classified as problematic has been found in IceHrm 30.0.0.OS. This affects an unknown function of the component File

Common Vulnerabilities and Exposures

Meow Gallery Plugin up to 4.1.8 on WordPress Shortcode sql injection

A vulnerability classified as critical has been found in Meow Gallery Plugin up to 4.1.8 on WordPress (Photo Gallery Software).

Common Vulnerabilities and Exposures

User Registration Plugin up to 2.0.1 on WordPress user_registration_update_profile_details user_registration_profile_pic_url cross site scripting

A vulnerability classified as problematic was found in User Registration Plugin up to 2.0.1 on WordPress (WordPress Plugin). This vulnerability

Common Vulnerabilities and Exposures

Bitcoin Payment Gateway for WooCommerce Plugin up to 1.6.0 on WooCommerce All Masking Rules Page cross site scripting

A vulnerability, which was classified as problematic, has been found in Bitcoin Payment Gateway for WooCommerce Plugin up to 1.6.0

Common Vulnerabilities and Exposures

Appointment Hour Booking Plugin up to 1.3.15 on WordPress Calendar Form Settings cross site scripting

A vulnerability, which was classified as problematic, was found in Appointment Hour Booking Plugin up to 1.3.15 on WordPress (Appointment

Common Vulnerabilities and Exposures

Better Find and Replace Plugin up to 1.2.8 on WordPress All Masking Rules Page cross site scripting

A vulnerability has been found in Better Find and Replace Plugin up to 1.2.8 on WordPress (WordPress Plugin) and classified

Common Vulnerabilities and Exposures

CM Tooltip Glossary Plugin up to 3.9.20 on WordPress Shortcode glossary_tooltip cross site scripting

A vulnerability was found in CM Tooltip Glossary Plugin up to 3.9.20 on WordPress (WordPress Plugin) and classified as problematic.

Common Vulnerabilities and Exposures

Modern Events Calendar Lite Plugin up to 5.22.1 on WordPress Attribute cross site scripting

A vulnerability was found in Modern Events Calendar Lite Plugin up to 5.22.1 on WordPress (Calendar Software). It has been

Common Vulnerabilities and Exposures

SourceCodester Lodging Reservation Management System 1 Login username/password sql injection

A vulnerability was found in SourceCodester Lodging Reservation Management System 1. It has been declared as critical. This vulnerability affects

Common Vulnerabilities and Exposures

i-Panel Administration System 2.0 cross site scripting [CVE-2021-41878]

A vulnerability was found in i-Panel Administration System 2.0. It has been rated as problematic. This issue affects an unknown

Common Vulnerabilities and Exposures

Cobbler up to 3.2.x Template injection

A vulnerability, which was classified as critical, has been found in Cobbler up to 3.2.x. Affected by this issue is

Common Vulnerabilities and Exposures

Operations up to 3.2.x upload_log_data Privilege Escalation

A vulnerability, which was classified as critical, was found in Operations up to 3.2.x. Upgrading to version 3.3.0 eliminates this

Common Vulnerabilities and Exposures

Cobbler up to 3.2.x Setting authorization

A vulnerability has been found in Cobbler up to 3.2.x and classified as critical. This vulnerability affects an unknown code

Common Vulnerabilities and Exposures

Polycom Poly VVX 400/Poly VVX 410 up to 5.3.1 POST Parameter access control

A vulnerability was found in Polycom Poly VVX 400 and Poly VVX 410 up to 5.3.1 and classified as critical.

Common Vulnerabilities and Exposures

Ballistix MOD Utility up to 2.0.2.5 Driver MODAPI.sys MmMapIoSpace access control

A vulnerability was found in Ballistix MOD Utility up to 2.0.2.5. It has been classified as critical. Affected is the