ManageEngine ADSelfService Build prior to 6003 – Remote Code Execution (Unauthenticated)
Tags: 0day, remote exploitWarehouse Inventory System 1.0 – Cross-Site Request Forgery (Change Admin Password)
Tags: 0day, remote exploitCodeMeter version 6.60 suffers from an unquoted service path vulnerability.
Tailor Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.
Car Rental Management System version 1.0 unauthenticated persistent cross site scripting session harvester exploit.
Online Shopping Alphaware version 1.0 suffers from an insecure direct object reference vulnerability.
Online Shopping Alphaware version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
Online Shopping Alphaware version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version attributed to Ahmed Abbas.
ACTi NVR3 Standard or Professional Server version 3.0.12.42 denial of service proof of concept exploit.
QlikView version 12.50.20000.0 denial of service proof of concept exploit.