CSZ CMS version 1.2.9 suffers from multiple cross site scripting vulnerabilities.
>> ARCHIVE: 2021-01
Fluentd TD-agent plugin version 4.0.1 suffers from an insecure folder permission vulnerability.
Responsive FileManager version 9.13.4 path traversal exploit. Original discovery of this finding is attributed to farisv in December of 2018.
Baby Care System version 1.0 suffers from a persistent cross site scripting vulnerability.
Responsive ELearning System version 1.0 suffers from a remote SQL injection vulnerability.
Resumes Management and Job Application Website version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Klog Server version 2.4.1 suffers from a remote command injection vulnerability.
WordPress Stripe Payments plugin version 2.0.39 suffers from a persistent cross site scripting vulnerability.
WordPress WP-Paginate plugin version 2.1.3 suffers from a persistent cross site scripting vulnerability.
Online Learning Management System 1.0 remote command execution exploit. Remote shell upload was already discovered in this version in October of 2020 by Jyotsna Adhana.