This makes it possible for authenticated attackers with subscriber privileges or above, to change user passwords and potentially take over administrator accounts.Ī vulnerability classified as critical was found in SourceCodester File Tracker Manager System 1.0. This vulnerability affects unknown code of the file register/update_password.php of the component POST Parameter Handler. The manipulation of the argument new_password leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228772.Ī DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows attackers to create arbitrary DLLs leading to code execution. Jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |