3 matches found
CVE-2021-39416
Multiple Cross Site Scripting (XSS) vulnerabilities exist in Remote Clinic v2.0 in (1) patients/register-patient.php via the (a) Contact, (b) Email, (c) Weight, (d) Profession, (e) refcontact, (f) address, (g) gender, (h) age, and (i) serial parameters; in (2) patients/edit-patient.php via the (a) Contact, (b) Email, (c)...
Check that marketLockingTime >= marketOpeningTime
Handle: pauliax. Vulnerability details. Impact: There is no check that timestamps1 (marketLockingTime) >= timestamps0 (marketOpeningTime). I think that should be enforced just in case to prevent market locking before opening. Recommended Mitigation Steps: Add in Factory createMarket: require timestamps1 =...
mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths
MySQL Team reports: Additional corrections were made for the symlink-related privilege problem originally addressed. The original fix did not correctly handle the data directory pathname if it contained symlinked directories in its path, and the check was made only at table-creation time, not at...