OcoMon Security Vulnerability

OcoMon is a helpdesk system from the personal developer Rafael Foster. It is designed to manage integrated inventory control that supports tickets and computing devices. A security vulnerability exists in OcoMon versions prior to v4.0.1 that stems from a local file inclusion vulnerability in...

SQL Injection in forkcms/forkcms

Description When an authenticated user exports translations, the user calls an URL like this: http://forkcms.site/private/de/locale/export?token=5z0ao1nk4p&type%5B0%5D=lbl&language%5B0%5D=de The parameter type0 and language0 are both vulnerable for SQL injection. Proof of Concept PoC for paramete...