RSS   Vulnerabilities for 'Tipping software'   RSS

2019-11-18
 
CVE-2019-17058

CWE-434
 
 
Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file.

 
 
CVE-2019-17057

CWE-79
 
 
Footy Tipping Software AFL Web Edition 2019 allows XSS.

 

Copyright 2024, cxsecurity.com

 

Back to Top