2 matches found
Bitrix Site Manager - Remote Code Execution
In the vote aka "Polls, Votes" module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code. id: CVE-2022-27228 info: name: Bitrix Site Manager - Remote Code Execution author: theamanrawat severity: critical description: In the vote aka "Polls, Votes...
Node.js third-party modules: [increments] sql injection
I would like to report SQL Injection in increments. It allows creating fake polls. Module module name: increments version: 1.2.1 npm page: https://www.npmjs.com/package/increments Module Description Increment is a database-driven for creating polls and taking votes for various options, candidates...