A vulnerability was found in Daybyday CRM up to 2.2.0 (Customer Relationship Management System) and classified as critical. Affected by this issue is some unknown functionality of the component Absence Handler. Applying the patch fe842ea5ede237443f1f45a99aeb839133115d8b is able to eliminate this problem. The bugfix is ready for download at github.com.
Daybyday CRM up to 2.2.0 Absence authorization
Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References
Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker