Packet Storm

FlightPath LMS version 5.0-rc2 suffers from an insecure direct object reference vulnerability.

FAST TECH CMS version 1.0 suffers from a cross site request forgery vulnerability.

doorGets CMS version 12 suffers from a remote shell upload vulnerability.

CrafterCMS versions 4.0.2 and below suffer from multiple cross site scripting vulnerabilities.

SugarCRM versions 12.2.0 and below suffer from multiple remote SQL injection vulnerabilities.

SugarCRM versions 12.2.0 and below suffer from a PHP object injection vulnerability.

SugarCRM versions 12.2.0 suffer from a bean manipulation vulnerability that can allow for privilege escalation.

SugarCRM versions 12.2.0 and below suffers from a multiple step remote shell upload vulnerability.

Red Hat Security Advisory 2023-4657-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.2. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4706-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.