CERT Polska has received a report about 4 vulnerabilities (from CVE-2024-5631 to CVE-2024-5634) found in Longse Technology products.

Local file inclusion vulnerability (CVE-2024-4836) has been found in Edito CMS software.

Reflected XSS vulnerability (CVE-2024-6050) has been found in SOWA OPAC software.

During its own research, CERT Polska has found 3 vulnerabilities (CVE-2024-3800, CVE-2024-3801 and CVE-2024-3816) in Concept Intermedia S@M CMS software.

CERT Polska has received a report about 3 vulnerabilities (CVE-2024-5735, CVE-2024-5736 and CVE-2024-5737) found in AdmirorFrames Joomla! extension.

OS Command Injection vulnerability (CVE-2024-4748) has been found in CRUDDIY software.

During its own research, CERT Polska has found another SQL Injection vulnerability (CVE-2024-6160) in MegaBIP software.

Stored XSS vulnerability (CVE-2024-5961) has been found in 2ClickPortal software.

During its own research, CERT Polska has found 3 critical vulnerabilities (CVE-2024-1576, CVE-2024-1577 and CVE-2024-1659) in MegaBIP software.

Vulnerabilities have been detected in the Eurosoft Przychodnia, drEryk Gabinet and SimpleCare software, involving the use of the same, hard-coded password for the database. The vulnerabilities were assigned identifiers CVE-2024-1228, CVE-2024-3699 and CVE-2024-3700.