#firefox

D-Link DIR-846 suffers from a remote command execution vulnerability.

An arbitrary file upload vulnerability in /admin/ajax.php?action=save_uploads of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login.

By Deeba Ahmed The Chromium-based browsers include Google Chrome, Microsoft Edge, Brave, Opera, Vivaldi, and several others. This is a post from HackRead.com Read the original post: Rilide Malware – New Crypto Stealer Hits Chromium-Based Browsers

Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows a remote attacker to execute arbitrary code via a crafted script in the <iframe>src parameter.

The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers to use precomputed hash tables or dictionary attacks to crack the hashed passwords.

WordPress Accessibility Help Button plugin version 1.1 suffers from a cross site scripting vulnerability.

GLPI Cartography versions prior to 6.0.0 suffers from a remote shell upload vulnerability.

GLPI versions 10.0.0 through 10.0.2 suffer from a remote SQL injection vulnerability that can lead to remote code execution.

GLPI Activity versions prior to 3.1.0 suffer from a local file inclusion vulnerability.