Feras Al-Kassar

CVE-2021-43678 is assigned for this report. wechat-php-sdk v1.10.2 is affected by a Cross Site Scripting (XSS) vulnerability in Wechat.php

CVE-2021-43681 is assigned to this vulnerability. SakuraPanel v1.0.1.1 is affected by is affected by a Cross Site Scripting (XSS) vulnerability in /master/core/PostHandler.php. The exit function will terminate the script and...

Thank you for the confirmation. Two similar possible vulnerabilities in the same file ```php // *** Vulnerability 1 // line 357 exit($markdown->text($_POST['data'])); // *** Vulnerability 2 // line 368 exit("Undefined...

CVE-2021-43691 is assigned to the discovery. An unspecified version of tripexpress is affected by a path manipulation vulnerability in file system/helpers/dompdf/load_font.php. The variable src is coming from $_SERVER["argv"] then there...

Hello, I am facing the same problem. Did you find a solution for it ? The functions are not supported in phpjoern ?