2 matches found
Arbitrary Code Injection
Overview billz/raspap-webgui is a Simple wireless AP setup and mangement for Debian-based devices. Affected versions of this package are vulnerable to Arbitrary Code Injection in the DisplayProviderConfig function, which is accessible via the $POST'country' in the HTTP POST request handler. A use...
UBUNTU-CVE-2021-36625
An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 fixed version is 14.0.0 via a POST request to the countryid parameter in an UPDATE statement...