Drive By RCE Exploit in Pimcore 6.2.0
We scanned Pimcore 6.2.0 and identified multiple critical vulnerabilities, including a command injection vulnerability and a SQL injection vulnerability, both of which can be escalated to full remote code execution. Both vulnerabilities were fixed in Pimcore 6.2.1. The truncated analysis result...
Teampass 2.1.26.8: Unauthenticated SQL Injection
RIPS Analysis: RIPS was able to analyze the whole project, consisting of 140,000 lines of code, in only 25 seconds, uncovering a lot of severe security vulnerabilities. The two main types of issues were SQL injection and file inclusion. Luckily, most of the SQL injections were found in the installati...