A vulnerability was found in Daybyday CRM 2.2.0 (Customer Relationship Management System). It has been declared as problematic. This vulnerability affects an unknown code of the file /tasks of the component New Task Handler. Applying the patch 002dc75f400cf307bd00b71a5a93f1e26e52cee2 is able to eliminate this problem. The bugfix is ready for download at github.com.
Daybyday CRM 2.2.0 New Task /tasks title cross site scripting
- Virtual Patching
- January 5, 2022
- 7:05 pm
Contact us to get started
CVE-2022-32405 : SOURCECODESTER PRISON MANAGEMENT SYSTEM 1.0 VIEW_PRISON.PHP ID SQL INJECTION
Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References
CVE-2022-20651 : CISCO ADAPTIVE SECURITY DEVICE MANAGER LOG FILE
Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker
CVE-2022-32549 : APACHE SLING COMMONS LOG/SLING API NEUTRALIZATION FOR LOGS
Description Apache Sling Commons Log