Testerfassung
Monthly
A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token of a COVID-19 test result to execute shell commands with. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in DRK Odenwaldkreis Testerfassung March-2021 allow remote attackers to inject arbitrary web script or HTML via all parameters to HTML form fields. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token of a COVID-19 test result to execute shell commands with. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in DRK Odenwaldkreis Testerfassung March-2021 allow remote attackers to inject arbitrary web script or HTML via all parameters to HTML form fields. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.