Vulnerability Summary for the Week of August 28, 2023

 High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
earcms — ear_app An issue found in Earcms Ear App v.20181124 allows a remote cyber threat actor to execute arbitrary code via the uload/index-uplog.php. 2023-08-29 9.8 CVE-2020-18912
MISC
MISC
tripspark — veo_transportation_novusedu TripSpark VEO Transportation-2.2.x-XP_BB-20201123-184084 NovusEDU-2.2.x-XP_BB-20201123-184084 allows unsafe data inputs in POST body parameters from end users without sanitizing using server-side logic. It was possible to inject custom SQL commands into the “Student Busing Information” search queries. 2023-08-29 9.8 CVE-2021-3262
MISC
MISC
MISC
motorola_mo

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Bulletins

Read the original article: