All-Dynamics Digital Signage System 2.0.2 – Cross-Site Request Forgery (Add Admin)
>> ARCHIVE: 2020-08
All-Dynamics Digital Signage System 2.0.2 – Cross-Site Request Forgery (Add Admin)
http://mueang.trang.doae.go.th notified by Zeerx7
Victor CMS 1.0 – ‘Search’ SQL Injection
Car Rental Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
Car Rental Management System version 1.0 unauthenticated remote code execution exploit.
Pi-hole version 4.3.2 authenticated remote code execution exploit.
RTSP for iOS version 1.0 denial of service proof of concept exploit.
Daily Expenses Management System version 1.0 suffers from a remote SQL injection vulnerability.
Mocha Telnet Lite for iOS version 4.2 denial of service proof of concept exploit.
Gantt-Chart for Jira versions 5.5.3 and below misses a privilege check which allows an attacker to read and write the module configuration for other users.