WordPress Epsilon Framework Multiple Themes – Unauthenticated Function Injection
>> ARCHIVE: 2020-12
WordPress Epsilon Framework Multiple Themes – Unauthenticated Function Injection
Online Learning Management System 1.0 – ‘id’ SQL Injection
Online Learning Management System 1.0 – Multiple Stored XSS
Online Learning Management System 1.0 – Authentication Bypass
Class Scheduling System 1.0 – Multiple Stored XSS
Academy LMS version 4.3 suffers from a persistent cross site scripting vulnerability.
Spiceworks version 7.5 suffers from an HTTP header injection vulnerability.
WordPress Contact Form 7 plugin version 5.3.1 suffers from a remote shell upload vulnerability.
Spotweb version 1.4.9 suffers from a remote SQL injection vulnerability. Related CVE number: CVE-2020-35545.
SCO Openserver version 5.0.7 suffers from a cross site scripting vulnerability.