Pharmacy Point of Sale System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Janik Wehrli in September of 2021.
WordPress JS Jobs Manager 1.1.7 Authorization Bypass
WordPress JS Jobs Manager plugin version 1.1.7 suffers from an unauthenticated plugin installation and activation vulnerability.
Cmsimple 5.4 Remote Code Execution
Cmsimple version 5.4 authenticated remote code execution exploit.
PlaceOS 1.2109.1 Open Redirection
PlaceOS version 1.2109.1 suffers from an open redirection vulnerability.
[webapps] CMSimple_XH 1.7.4 – Remote Code Execution (RCE) (Authenticated)
CMSimple_XH 1.7.4 – Remote Code Execution (RCE) (Authenticated)
[webapps] WhatsUpGold 21.0.3 – Stored Cross-Site Scripting (XSS)
WhatsUpGold 21.0.3 – Stored Cross-Site Scripting (XSS)
[webapps] Vehicle Service Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
Vehicle Service Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
[webapps] Phpwcms 1.9.30 – File Upload to XSS
Phpwcms 1.9.30 – File Upload to XSS
[webapps] Blood Bank System 1.0 – SQL Injection / Authentication Bypass
Blood Bank System 1.0 – SQL Injection / Authentication Bypass
[webapps] Exam Form Submission System 1.0 – SQL Injection Authentication Bypass
Exam Form Submission System 1.0 – SQL Injection Authentication Bypass