Vulnerabilities

    GMS-2016-84 Remote Code Execution

    Flow-SA-2016-001 Time-Based Information Disclosure Vulnerability

    CVE-2013-2185 Arbitrary file upload via deserialization

    GMS-2016-80 Local File Inclusion Vulnerability

    GMS-2016-77 SQL Injection via like, contains, startsWith, endsWith

    GMS-2016-82 SQL Injection

    GMS-2016-81 Potential SQL Injection

    GMS-2016-78 Improper Escaping of Bound Arrays

    GMS-2016-76 SQL Injection via LIMIT and ORDER

    GMS-2016-83 Forgeable Public/Private Tokens