Enterprise Vulnerabilities

From DHS/US-CERT's National Vulnerability Database

PUBLISHED:

2020-09-22

Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php.



PUBLISHED:

2020-09-22

Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books.



PUBLISHED:

2020-09-22

Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file. It is possible to upload an executable or .bat file that can be executed with the help of a functionality (E.g. the "Application Star...



PUBLISHED:

2020-09-22

Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.



PUBLISHED:

2020-09-22