A vulnerability, which was classified as critical, was found in Daybyday CRM up to 2.2.0 (Customer Relationship Management System). Affected is an unknown function of the component User Update Handler. Applying the patch a0392f4a4a14e1e3fedaf6817aefce69b6bd661b is able to eliminate this problem. The bugfix is ready for download at github.com.
Daybyday CRM up to 2.2.0 User Update weak password
- Virtual Patching
- January 5, 2022
- 7:05 pm
Contact us to get started
CVE-2022-32405 : SOURCECODESTER PRISON MANAGEMENT SYSTEM 1.0 VIEW_PRISON.PHP ID SQL INJECTION
Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References
CVE-2022-20651 : CISCO ADAPTIVE SECURITY DEVICE MANAGER LOG FILE
Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker
CVE-2022-32549 : APACHE SLING COMMONS LOG/SLING API NEUTRALIZATION FOR LOGS
Description Apache Sling Commons Log