During its own research, CERT Polska has found 3 vulnerabilities (CVE-2024-3800, CVE-2024-3801 and CVE-2024-3816) in Concept Intermedia S@M CMS software.

CERT Polska has received a report about 3 vulnerabilities (CVE-2024-5735, CVE-2024-5736 and CVE-2024-5737) found in AdmirorFrames Joomla! extension.

OS Command Injection vulnerability (CVE-2024-4748) has been found in CRUDDIY software.

During its own research, CERT Polska has found another SQL Injection vulnerability (CVE-2024-6160) in MegaBIP software.

Stored XSS vulnerability (CVE-2024-5961) has been found in 2ClickPortal software.

During its own research, CERT Polska has found 3 critical vulnerabilities (CVE-2024-1576, CVE-2024-1577 and CVE-2024-1659) in MegaBIP software.

Vulnerabilities have been detected in the Eurosoft Przychodnia, drEryk Gabinet and SimpleCare software, involving the use of the same, hard-coded password for the database. The vulnerabilities were assigned identifiers CVE-2024-1228, CVE-2024-3699 and CVE-2024-3700.

Reflected XSS vulnerability (CVE-2024-3579) has been found in Online Shopping System Advanced open-source project.

Authentication Bypass by Assumed-Immutable Data vulnerability (CVE-2024-3462) has been found in Ant Media Server (Community Edition) software.

CERT Poland has received a report about 3 vulnerabilities (from CVE-2024-4423 to CVE-2024-4425) found in CemiPark software.