Month: November 2019

[webapps] Adrenalin Core HCM 5.4.0 – 'prntDDLCntrlName' Reflected Cross-Site Scripting

[webapps] Adrenalin Core HCM 5.4.0 – 'strAction' Reflected Cross-Site Scripting

[webapps] CBAS-Web 19.0.0 – 'id' Boolean-based Blind SQL Injection

[webapps] Joomla 3.9.13 – 'Host' Header Injection

[webapps] eMerge E3 1.00-06 – Privilege Escalation

[webapps] eMerge E3 1.00-06 – Remote Code Execution

[webapps] CBAS-Web 19.0.0 – Username Enumeration

[remote] CBAS-Web 19.0.0 – Information Disclosure

[webapps] CBAS-Web 19.0.0 – Cross-Site Request Forgery (Add Super Admin)

[remote] eMerge E3 Access Controller 4.6.07 – Remote Code Execution (Metasploit)