2 matches found
PT-2025-19753 · Foxcms · Foxcms
Name of the Vulnerable Software and Affected Versions: foxcms version 1.2.5 Description: The issue is related to an arbitrary file deletion vulnerability. This vulnerability can be exploited via the delRestoreSerie method. Recommendations: For foxcms version 1.2.5, consider disabling the...
PT-2024-25178 · Hero · Hfheropayment
Name of the Vulnerable Software and Affected Versions: Hero hfheropayment versions 1.2.5 and earlier Description: The issue allows an attacker to escalate privileges via the HfHeropaymentGatewayBackModuleFrontController::initContent function. This is a SQL Injection vulnerability. Recommendations...