CERT Polska has received a report about 2 vulnerabilities (CVE-2024-6449 and CVE-2024-6450) found in HyperView Geoportal Toolkit software.

Stored XSS vulnerability (CVE-2024-7269) has been found in ConnX ESP HR Management software.

Command Injection vulnerability (CVE-2024-3659) has been found in KAON AR2140 routers firmware.

CERT Polska has received a report about 3 vulnerabilities (from CVE-2024-7265 to CVE-2024-7267) found in EZD RP software.

Cross-site Scripting vulnerability (CVE-2024-7127) has been found in Stackposts Social Marketing Tool software.

During its own research, CERT Polska has found 2 vulnerabilities (CVE-2024-3798 and CVE-2024-3799) in Phoniebox open-source project.

During its own research, CERT Polska has found another SQL Injection vulnerability (CVE-2024-6527) in MegaBIP software.

CERT Polska has received a report about 4 vulnerabilities (from CVE-2024-5631 to CVE-2024-5634) found in Longse Technology products.

Local file inclusion vulnerability (CVE-2024-4836) has been found in Edito CMS software.

Reflected XSS vulnerability (CVE-2024-6050) has been found in SOWA OPAC software.