Logitech Media Server 8.2.0 – ‘Title’ Cross-Site Scripting (XSS)
>> ARCHIVE: 2021-10
Logitech Media Server 8.2.0 – ‘Title’ Cross-Site Scripting (XSS)
Student Quarterly Grading System 1.0 – ‘grade’ Stored Cross-Site Scripting (XSS)
Simple Issue Tracker System 1.0 – SQLi Authentication Bypass
Online Learning System 2.0 – ‘Multiple’ SQLi Authentication Bypass
Cypress Solutions CTM-200 2.7.1 – Root Remote OS Command Injection
Pharmacy Point of Sale System 1.0 – ‘Add New User’ Cross-Site Request Forgery (CSRF)
Apache HTTP Server 2.4.50 – Path Traversal & Remote Code Execution (RCE)
Cypress Solutions CTM-200/CTM-ONE – Hard-coded Credentials Remote Root (Telnet/SSH)
Keycloak 12.0.1 – ‘request_uri ‘ Blind Server-Side Request Forgery (SSRF) (Unauthenticated)
Company’s Recruitment Management System 1.0 – ‘Multiple’ SQL Injection (Unauthenticated)