Unspecified Vulnerability in CIPPlanner CIPAce (CNVD-2020-21814)

CIPPlanner CIPAce is a suite of business process automation and application development platforms from the US-based CIPPlanner. A security vulnerability exists in CIPPlanner CIPAce version 9.1 Build 2019092801. The vulnerability can be exploited by an attacker to obtain information from specific...

Subrion 3.3.0 Cross Site Request Forgery

Affected software: subrion Type of vulnerability: csrf to sql injection URL: http://demo.subrion.org Discovered by: Provensec Website: http://www.provensec.com version v3.3.0 Proof of concept no csrf protection on database form which made subrion to vulnerable to database injection vuln parameter...