Cmsimple 5.4 – Remote Code Execution (RCE) (Authenticated)
[webapps] Cyber Cafe Management System Project (CCMS) 1.0 – SQL Injection Authentication Bypass
Cyber Cafe Management System Project (CCMS) 1.0 – SQL Injection Authentication Bypass
[webapps] WordPress Plugin JS Jobs Manager 1.1.7 – Unauthenticated Plugin Install/Activation
WordPress Plugin JS Jobs Manager 1.1.7 – Unauthenticated Plugin Install/Activation
Pet Shop Management System 1.0 Shell Upload
Pet Shop Management System version 1.0 suffers from a remote shell upload vulnerability.
WordPress TranslatePress 2.0.8 Cross Site Scripting
WordPress TranslatePress plugin version 2.0.8 suffers from a persistent cross site scripting vulnerability.
WordPress Contact Form 1.7.14 Cross Site Scripting
WordPress Contact Form plugin version 1.7.14 suffers from a cross site scripting vulnerability.
WordPress Popup 1.10.4 Cross Site Scripting
WordPress Popup plugin version 1.10.4 suffers from a cross site scripting vulnerability.
Apache James Server 2.3.2 Remote Command Execution
Apache James Server version 2.3.2 remote command execution exploit.
WordPress Ultimate Maps 1.2.4 Cross Site Scripting
WordPress Ultimate Maps plugin version 1.2.4 suffers from a cross site scripting vulnerability.
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Cross Site Request Forgery
The application interface FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.