Joomla JCK Editor 6.4.4 - 'parent' SQL Injection (2)

Exploit Title: Joomla JCK Editor 6.4.4 - 'parent' SQL Injection 2 Googke Dork: inurl:/plugins/editors/jckeditor/plugins/jtreelink/ Date: 05/03/2021 Exploit Author: Nicholas Ferreira Vendor Homepage: http://docs.arkextensions.com/downloads/jck-editor Version: 6.4.4 Tested on: Debian 10 CVE :...

CVE-2020-28577

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names...

phpMyAdmin -- multiple XSS vulnerabilities

phpMyAdmin development team reports: Firstly, if a row contains javascript code, after inline editing this row and saving, the code is executed. Secondly, missing sanitization on the db, table and column names leads to XSS vulnerabilities. Versions 3.4.0 to 3.4.4 were found vulnerable...