2 matches found
CVE-2021-24578
The SportsPress WordPress plugin before 2.7.9 does not sanitise and escape its matchday parameter before outputting back in the Events backend page, leading to a Reflected Cross-Site Scripting issue...
SQL Injection Vulnerability in CRMEB Mall System Backend Sy***.php Page
CRMEB mall system is a new retail mobile e-commerce system developed based on ThinkPhp6.0+Vue. CRMEB mall system background Sy.php page SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information...