2 matches found
CVE-2019-9693
In CMS Made Simple CMSMS before 2.2.10, an authenticated user can achieve SQL Injection in class.showtime2data.php via the functions updateshow parameter showid, inputshow parameter showid, Getshowinfo parameter showid, Getpictureinfo parameter pictureid, AdjustNameSeq parameter shownumber,...
CVE-2017-5068
Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page...