The vulnerability of the automation function of the FortiADC delivery controller, related to access control errors, allows a perpetrator to elevate their privileges to a super-administrator level.

The vulnerability of the FortiADC application delivery controller’s automation function is related to access control errors. Exploiting this vulnerability allows a malicious actor to elevate their privileges to super-administrator level through a specially crafted automation CLI script...

ImpressCMS: SQL Injection through /include/findusers.php

Summary: The vulnerability is located in the /include/findusers.php script: 281. $total = $userhandler-getUserCountByGroupLink@$POST"groups", $criteria; 282. 283. $validsort = array"uname", "email", "lastlogin", "userregdate", "posts"; 284. $sort = !inarray$POST'usersort', $validsort ? "uname" :...