A vulnerability classified as critical was found in Zammad up to 4.1.0. Affected by this vulnerability is an unknown functionality of the component Custom Package Handler. Upgrading to version 4.1.1 eliminates this vulnerability.
Zammad up to 4.1.0 Custom Package command injection
- Virtual Patching
- October 8, 2021
- 1:05 pm
Contact us to get started
CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION
Description An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation
CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION
Description Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations
CVE-2023-29632 : JMSPAGEBUILDER 3.X ON PRESTASHOP AJAX_JMSPAGEBUILDER.PHP SQL INJECTION
Description PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php. References https://friends-of-presta.github.io/security-advisories/modules/2023/03/13/jmspagebuilder.html For More Information MITRE