Blog Master Pro version 1.0 suffers from a CSV injection vulnerability.
>> ARCHIVE: 2018-04
Blog Master Pro version 1.0 suffers from a CSV injection vulnerability.
HRSALE The Ultimate HRM version 1.0.2 suffers from a CSV injection vulnerability.
HRSALE The Ultimate HRM version 1.0.2 suffers from a remote SQL injection vulnerability.
Sitecore.NET version 8.1 suffers from a directory traversal vulnerability.
A lack of validation on cookie values allows you to login as any user on hik-connect.com and ezvizlife.com.
October CMS User plugin version 1.4.5 suffers from a persistent cross site scripting vulnerability.
SickRage versions prior to 2018.03.09 return clear-text credentials in HTTP responses.
WordPress WP with Spritz plugin version 1.0 suffers from local and remote file inclusion vulnerabilities.
Jfrog Artifactory versions prior to 4.16 suffer from unauthenticated arbitrary file upload and remote command execution vulnerabilities.
This is a simple proof of concept exploit for Drupal versions prior to 7.58 that demonstrate the drupalgeddon3 authenticated remote code execution vulnerability.