WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 – SQL-Injection (Unauthenticated)
>> ARCHIVE: 2022-02
Home Owners Collection Management System 1.0 – ‘id’ Blind SQL Injection
Home Owners Collection Management System 1.0 – Remote Code Execution (RCE) (Authenticated)
Hospital Management Startup 1.0 – ‘Multiple’ SQLi
Home Owners Collection Management System 1.0 – Account Takeover (Unauthenticated)
Cain & Abel 4.9.56 – Unquoted Service Path
WordPress Plugin Contact Form Builder 1.6.1 – Cross-Site Scripting (XSS)
FileBrowser versions 2.17.2 and below suffer from a cross site request forgery vulnerability that can lead to remote code execution.
WordPress Security Audit plugin version 1.0.0 suffers from a persistent cross site scripting vulnerability.
WordPress CP Blocks plugin version 1.0.14 suffers from a persistent cross site scripting vulnerability.