Advisories

Take a look at the latest advisories from the security consultants at Pentest.

 

CVE

Impact

Researcher

Date

Product

Additional info

CVE-2022-1517

Execution with unnecessary privileges

Scott Laurie

June 2022

Illumina

Click here >

CVE-2022-1518

Path traversal

Scott Laurie

June 2022

Illumina

Click here >

CVE-2022-1519

Unrestricted upload of file

Scott Laurie

June 2022

Illumina

Click here >

CVE-2022-1521

Improper access controls

Scott Laurie

June 2022

Illumina

Click here >

CVE-2022-1524

Cleartext transmission of sensitive info

Scott Laurie

June 2022

Illumina

Click here >

CVE-2021-37168

XSS 

Nour Alomary

May 2022

SoPlanning

Click here >

CVE-2021-37169

SQLi

Nour Alomary

May 2022

SoPlanning

Click here >

CVE-2021-37170

SQLi

Nour Alomary

May 2022

SoPlanning

Click here >

CVE-2021-37171

XSS

Nour Alomary

May 2022

SoPlanning

Click here >

CVE-2022-44082

XSS to RCE

Paul Ritchie

March 2022

Textpattern CMS

Click here >

CVE-2021-42215

XSS

Sam Moore

October 2021

OpenCMS

Click here >

CVE-2021-42214

Denial of Service

Paul Ritchie

October 2021

OpenCMS

Click here >

CVE-2021-42213

XSS

Paul Ritchie

October 2021

OpenCMS

Click here >

CVE-2021-42212

XSS

Paul Ritchie

October 2021

OpenCMS

Click here >

CVE-2021-42211

XSS

Paul Ritchie

October 2021

OpenCMS

Click here >

CVE-2021-42210

XSS

Paul Ritchie

October 2021

OpenCMS

Click here >

CVE-2021-42209

XSS

Paul Ritchie

October 2021

OpenCMS

Click here >

CVE-2021-42208

Unvalidated Redirect

Paul Ritchie

October 2021

OpenCMS

Click here >

CVE-2021-42207

Unvalidated Redirect

Sam Moore

October 2021

OpenCMS

Click here >

CVE-2021-42206

Clickjacking

Paul Ritchie

October 2021

OpenCMS

Click here >

CVE-2021-27980

Authentication
Bypass

Paul Ritchie

May 2021

Fedena School Management Software

Click here >

CVE-2021-27975

XSS

Chadwick Jam

May 2021

Fedena School Management Software

Click here >

CVE-2021-27977

XSS

Chris Young

May 2021

Fedena School Management Software

Click here >

CVE-2021-27974

RCE

Chris Young

May 2021

Fedena School Management Software

Click here >

CVE-2021-27978

XSS

Chris Young

May 2021

Fedena School Management Software 

Click here >

CVE-2021-27976

Broken Access Controls

Chadwick Jam

May 2021

Fedena School Management Software

Click here >

CVE-2021-27979

SQL Injection

Chadwick Jam

May 2021

Fedena School Management Software

Click here >

CVE-2020-28970

RCE

Sam Thomas

December 2020

Western Digital – My Cloud OS 5

Click here >

CVE-2020-13664

RCE

Sam Thomas
Lorenzo Grespan

June 2020

Drupal Core

Click here >

CVE-2020-4046

XSS to RCE

Sam Thomas

June 2020

WordPress Core

Click here >

CVE-2020-10243

SQLi

Sam Thomas

March 2020

Joomla! CMS

Click here >

CVE-2020-8498

XSS

Paul Ritchie
Sam Thomas

January 2020

GistPress WordPress plugin

Click here >

CVE-2020-7055

RCE

Sam Thomas
Kyle Fleming

January 2020

Elementor WordPress plugin

Click here >

CVE-2019-15780

RCE

Sam Thomas
Nour Alomary

August 2019

Formidable WordPress plugin

Click here >

Our latest research

Our Labs page is the place to discover our latest research, advisories, tool releases and challenges.

Pentest Labs >

Looking to improve your security? Our insights are a great place to start.

Pentest Insights >

How can we support you?

Contact our team today to find out how we can help support your organization.

Contact us >
CREST | Pentest Limited
OSCP

/contact

Twitter Linkedin Github Youtube

/services

/about

/links

Pentest Limited is registered in England and Wales with company number 11925182

Registered address: 22 Great James Street, London, WC1N 3ES

VAT registration No: 331802826​

© Pentest Limited 2022. All rights reserved.