Pharmacy Point of Sale System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Janik Wehrli in September of…
>> ARCHIVE: 2021-10
WordPress JS Jobs Manager plugin version 1.1.7 suffers from an unauthenticated plugin installation and activation vulnerability.
Cmsimple version 5.4 authenticated remote code execution exploit.
PlaceOS version 1.2109.1 suffers from an open redirection vulnerability.
CMSimple_XH 1.7.4 – Remote Code Execution (RCE) (Authenticated)
WhatsUpGold 21.0.3 – Stored Cross-Site Scripting (XSS)
Vehicle Service Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
Phpwcms 1.9.30 – File Upload to XSS
Blood Bank System 1.0 – SQL Injection / Authentication Bypass
Exam Form Submission System 1.0 – SQL Injection Authentication Bypass