RSS   Vulnerabilities for 'Tipping software'   RSS

2019-11-18
 
CVE-2019-17058

CWE-434
 

 
Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file.

 
 
CVE-2019-17057

CWE-79
 

 
Footy Tipping Software AFL Web Edition 2019 allows XSS.

 


Copyright 2024, cxsecurity.com

 

Back to Top