Student Management System 1.0 – SQLi Authentication Bypass
>> ARCHIVE: 2021-12
Student Management System 1.0 – SQLi Authentication Bypass
TestLink 1.19 – Arbitrary File Download (Unauthenticated)
Employees Daily Task Management System 1.0 – ‘username’ SQLi Authentication Bypass
Chikitsa Patient Management System 2.0.2 – ‘backup’ Remote Code Execution (RCE) (Authenticated)
Chikitsa Patient Management System 2.0.2 – Remote Code Execution (RCE) (Authenticated)
Simple Online Men’s Salon Management System version 1.0 appears to suffer from a time-based remote SQL injection vulnerability.
HCL Lotus Notes version 12 suffers from an unquoted service path vulnerability.
Microsoft Internet Explorer suffers from an ActiveX-related bypass vulnerability. Microsoft will not address the issue as it is end of life.
Croogo version 3.0.2 suffers from an authenticated remote code execution vulnerability.
RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in…