📦 White Shark Systems

CVE-2020-20466 allows remote attackers to modify any user's password in White Shark System 1.3.2 via the user_edit_password.php endpoint without authentication. This vulnerability affects all organiza...

White Shark System (WSS) 1.3.2 contains a SQL injection vulnerability in log_edit.php that allows remote attackers to execute arbitrary SQL commands via the csa_to_user parameter. This can lead to una...

CVE-2020-20471 is an unauthorized access vulnerability in White Shark System (WSS) 1.3.2 that allows remote attackers to escalate privileges to admin level. This affects all deployments of WSS 1.3.2 w...

White Shark System (WSS) 1.3.2 contains a SQL injection vulnerability in multiple PHP files that fail to properly filter the 'sort' parameter. Remote attackers can exploit this to extract sensitive da...