WordPress Epsilon Framework Multiple Themes – Unauthenticated Function Injection
Tags:
0day,
remote exploit
Online Learning Management System 1.0 – ‘id’ SQL Injection
Tags:
0day,
remote exploit
Online Learning Management System 1.0 – Multiple Stored XSS
Tags:
0day,
remote exploit
Online Learning Management System 1.0 – Authentication Bypass
Tags:
0day,
remote exploit
Class Scheduling System 1.0 – Multiple Stored XSS
Tags:
0day,
remote exploit
Academy LMS version 4.3 suffers from a persistent cross site scripting vulnerability.
Spiceworks version 7.5 suffers from an HTTP header injection vulnerability.
WordPress Contact Form 7 plugin version 5.3.1 suffers from a remote shell upload vulnerability.
Spotweb version 1.4.9 suffers from a remote SQL injection vulnerability. Related CVE number: CVE-2020-35545.
SCO Openserver version 5.0.7 suffers from a cross site scripting vulnerability.