Day: April 14, 2025

SilverStripe 5.3.8 – Stored Cross Site Scripting (XSS) (Authenticated)

OpenPanel Copy and View functions in the File Manager 0.3.4 – Directory Traversal

OpenPanel 0.3.4 – OS Command Injection

OpenPanel 0.3.4 – Incorrect Access Control

OpenPanel 0.3.4 – Directory Traversal

Pimcore 11.4.2 – Stored cross site scripting

Xinet Elegant 6 Asset Lib Web UI 6.1.655 – SQL Injection

Pimcore customer-data-framework 4.2.0 – SQL injection

ZTE ZXHN H168N 3.1 – Remote Code Execution (RCE) via authentication bypass