Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code executio

SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter.