Online Course Registration version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
>> ARCHIVE: 2020-06
Castel NextGen DVR version 1.0.0 suffers from authorization bypass, credential disclosure, and cross site request forgery vulnerabilities.
This Metasploit module exploits an authentication bypass and directory traversals in Cisco UCS Director versions prior to 6.7.4.0 to leak the administrator’s REST API key and execute a Cloupia script…
Avaya IP Office versions 9.1.8.0 through 11 suffer from an insecure transit vulnerability that allows for password disclosure.
WinGate version 9.4.1.5998 suffers from an insecure permissions vulnerability that allows for privilege escalation.
http://www.lerdsin.go.th notified by saeed0511
AirControl version 1.4.2 suffers from a pre-authentication remote code execution vulnerability.
IObit Uninstaller version 9.5.0.15 suffers from an IObit Uninstaller Service unquoted service path vulnerability.
Clinic Management System version 1.0 suffers from an unauthenticated remote code execution vulnerability.
Navigate CMS version 2.8.7 suffers from an authenticated remote SQL injection vulnerability.