2021 May

[webapps] Student Management System 1.0 – 'message' Persistent Cross-Site Scripting (Authenticated)

Posted by deepcore under Security (No Respond)

Student Management System 1.0 – ‘message’ Persistent Cross-Site Scripting (Authenticated)

Tags: 0day, remote exploit

Posted by deepcore under exploit (No Respond)

Hexagon G!nius Auskunftsportal versions prior to 5.0.0.0 suffer from a remote SQL injection vulnerability.

Posted by deepcore under exploit (No Respond)

Customer Relationship Management (CRM) System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Posted by deepcore under exploit (No Respond)

Customer Relationship Management (CRM) System version 1.0 suffers from a persistent cross site scripting vulnerability.

Posted by deepcore under exploit (No Respond)

Customer Relationship Management (CRM) System version 1.0 suffers from a remote shell upload vulnerability.

Posted by deepcore under exploit (No Respond)

Odoo version 12.0.20190101 suffers from an unquoted service path vulnerability.

Posted by deepcore under exploit (No Respond)

Splinterware System Scheduler Professional version 5.30 suffers an unquoted service path vulnerability.

Posted by deepcore under exploit (No Respond)

Android NFC suffers from a type confusion vulnerability in nfa_rw_sys_disable.

Posted by deepcore under exploit (No Respond)

Chevereto version 3.17.1 suffers from a persistent cross site scripting vulnerability.

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Delf.zho malware suffers from bypass and code execution vulnerabilities.