An attacker can exploit this to access and modify data across the installation. There is no mitigations for this issue.
An update to fix this issue has been released.
OcoMon v4.0 was discovered to contain a cross-site scripting (XSS) vulnerability at edit.php.
An attacker can exploit this to execute script code in the browser of a user visiting the affected application.
There is no mitigations for this issue.
An update to fix this issue has been released.
OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at download.php.
An attacker can exploit this to inject SQL code and change data across the installation.
There is no mitigations for this issue.
An update to fix this issue has been released.
OcoMon v4.0 was discovered to contain a cross-site scripting (XSS) vulnerability at edit.php.
An attacker can exploit this to execute script code in the browser of a user visiting the affected application.
There is no mitigations for this issue.
An update to fix this issue has been released.
OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at download.php.
An attacker can exploit this to inject SQL code and change data across the installation.
There is
^
OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at download.php.
Timeline
Published on: 10/13/2022 23:15:00 UTC
Last modified on: 10/17/2022 02:10:00 UTC