>> ARCHIVE: 2021-10

Vehicle Service Management System version 1.0 unauthenticated remote shell upload exploit that uses authentication bypass with SQL injection.

Young Entrepreneur E-Negosyo System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Young Entrepreneur E-Negosyo System version 1.0 suffers from a persistent cross site scripting vulnerability.

Lifestyle Store version 1.0 suffers from a cross site scripting vulnerability.

This script will create a zip file exploiting CVE-2021-1810 by creating a directory hierarchy deep enough for Archive Utility to fail setting quarantine attributes on certain files while also making…

College Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

College Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

College Management System 1.0 suffers from an insecure direct object reference that allows a user to add an administrator without any authentication.

Local Offices Contact Directory Site using PHP and SQLite Free Source Code suffers from a remote SQL injection vulnerability.

Company’s Recruitment Management System in PHP and SQLite Free Source Code suffers from a remote SQL injection vulnerability.