>> ARCHIVE: 2021-09
AlphaWeb XE – File Upload Remote Code Execution (RCE) (Authenticated)
Seowon 130-SLC router – ‘queriesCnt’ Remote Code Execution (Unauthenticated)
Evolution CMS 3.1.6 – Remote Code Execution (RCE) (Authenticated)
Support Board 3.3.3 – ‘Multiple’ SQL Injection (Unauthenticated)
DMA Softlab Radius Manager version 4.4.0 chained exploit written in go that exploits session management and cross site scripting vulnerabilities.
Purchase Order Management System 1.0 – Remote File Upload
Men Salon Management System 1.0 – Multiple Vulnerabilities
Active WebCam 11.5 – Unquoted Service Path
Apartment Visitor Management System (AVMS) 1.0 – SQLi to RCE