CVE-2023-25569

Apollo is a configuration management system. Prior to version 2.1.0, a low-privileged user can create a special web page. If an authenticated portal admin visits this page, the page can silently send a request to assign new roles for that user without any confirmation from the Portal admin. Cooki...

CVE-2022-32396

Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/visits/managevisit.php:4...

Prison Management System SQL注入漏洞

Prison Management System is a prison management system from Carlo Montero's personal developer. prison Management System v1.0 is vulnerable to SQL injection, which originates in the application /pms/admin/visits/viewvisit.php in the id parameter in /pms/admin/visits/viewvisit.php is missing the S...

CVE-2021-29400

A cross-site request forgery CSRF vulnerability in the My SMTP Contact v1.1.1 plugin for GetSimple CMS allows remote attackers to change the SMTP settings of the contact forms for the webpages of the CMS after an authenticated admin visits a malicious third-party site...