Subscribe via feed.
Archive for December, 2020

[webapps] WordPress Epsilon Framework Multiple Themes – Unauthenticated Function Injection

Posted by deepcore under Security (No Respond)

WordPress Epsilon Framework Multiple Themes – Unauthenticated Function Injection

Tags: ,

[webapps] Online Learning Management System 1.0 – 'id' SQL Injection

Posted by deepcore under Security (No Respond)

Online Learning Management System 1.0 – ‘id’ SQL Injection

Tags: ,

[webapps] Online Learning Management System 1.0 – Multiple Stored XSS

Posted by deepcore under Security (No Respond)

Online Learning Management System 1.0 – Multiple Stored XSS

Tags: ,

[webapps] Online Learning Management System 1.0 – Authentication Bypass

Posted by deepcore under Security (No Respond)

Online Learning Management System 1.0 – Authentication Bypass

Tags: ,

[webapps] Class Scheduling System 1.0 – Multiple Stored XSS

Posted by deepcore under Security (No Respond)

Class Scheduling System 1.0 – Multiple Stored XSS

Tags: ,

Academy LMS 4.3 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Academy LMS version 4.3 suffers from a persistent cross site scripting vulnerability.

Spiceworks 7.5 HTTP Header Injection

Posted by deepcore under exploit (No Respond)

Spiceworks version 7.5 suffers from an HTTP header injection vulnerability.

WordPress Contact Form 7 5.3.1 Shell Upload

Posted by deepcore under exploit (No Respond)

WordPress Contact Form 7 plugin version 5.3.1 suffers from a remote shell upload vulnerability.

Spotweb 1.4.9 SQL Injection

Posted by deepcore under exploit (No Respond)

Spotweb version 1.4.9 suffers from a remote SQL injection vulnerability. Related CVE number: CVE-2020-35545.

SCO Openserver 5.0.7 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

SCO Openserver version 5.0.7 suffers from a cross site scripting vulnerability.