Victor CMS 1.0 – Authenticated Arbitrary File Upload
>> ARCHIVE: 2020-05
Victor CMS 1.0 – Authenticated Arbitrary File Upload
Victor CMS 1.0 – ‘comment_author’ Persistent Cross-Site Scripting
NukeViet VMS 4.4.00 – Cross-Site Request Forgery (Change Admin Password)
Submitty 20.04.01 – Persistent Cross-Site Scripting
php-fusion 9.03.50 – ‘ctype’ SQL Injection
Victor CMS 1.0 – ‘cat_id’ SQL Injection
qdPM 9.1 – ‘cfg[app_app_name]’ Persistent Cross-Site Scripting
HP LinuxKI 6.01 – Remote Command Injection
Online Healthcare management system 1.0 – Authentication Bypass
Mikrotik Router Monitoring System 1.2.3 – ‘community’ SQL Injection