Node.js third-party modules: [objtools] Prototype pollution

I would like to report a prototype pollution vulnerability in objtools module. It allows an attacker to inject properties on Object.prototype. Module module name: objtools version: 2.0.1 npm page: https://www.npmjs.com/package/objtools Module Description objtools provides several utility function...

Pandora FMS Monitoring Application 2.1.x /3.x - SQL Injection

PenTest Information: ==================== GESEC Teamsmash & rem0ve discover a SQL Injection Vulnerability on Pandora FMS Monitoring Software. Attackers can manipulate the application DBMS over a remote sql-injection vulnerability. Details ======= Tested on OS: UBUNTU 5.4 Tested with Software:...