CVE-2021-42545

An insufficient session expiration vulnerability exists in Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...

php: Invalid read in exif_process_SOFn()

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exifprocessSOFn...

PHP 7.1.x < 7.1.27 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.27 or 7.2.x prior to 7.2.16 or 7.3.x prior to 7.3.3. It is, therefore, affected by multiple vulnerabilities. Note that the scanner has not tested for these issues but has instead relied only on the...

CVE-2019-9637

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to...

CVE-2019-9640

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exifprocessSOFn...

CVE-2017-1000120

ERPNextFrappe Version = 7.1.27 SQL injection vulnerability in frappe.share.getusers allows remote authenticated users to execute arbitrary SQL commands via the fields parameter...

Sql injection

ERPNextFrappe Version = 7.1.27 SQL injection vulnerability in frappe.share.getusers allows remote authenticated users to execute arbitrary SQL commands via the fields parameter...