PT-2024-30800 · Zynith · Zynith

Name of the Vulnerable Software and Affected Versions: ZYNITH versions prior to 7.4.9 Description: The issue is related to a missing authorization vulnerability in ZYNITH, allowing access to functionality not properly constrained by Access Control Lists ACLs. This means that users can access...

CVE-2017-7997

Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the 1 showprn parameter to webapp/users/prnow.jsp or showmonth parameter to 2 webapp/users/blhistory.jsp or 3 webapp/users/prhistory.jsp...