>> AUTHOR: deepcore

Apache Log4j2 versions 2.14.1 and below information disclosure exploit.

Booked Scheduler version 2.75 authenticated remote shell upload exploit.

AbanteCart e-commerce platform versions prior to 1.3.2 suffer from cross site scripting and file upload vulnerabilities.

Zucchetti Axess CLOKI Access Control version 1.64 suffers from a cross site request forgery vulnerability.

Ticket Booking version 1.0 suffers from a remote SQL injection vulnerability.

Online Thesis Archiving System version 1.0 suffers from remote SQL injection and persistent cross site scripting vulnerabilities.

Apache Log4j2 versions 2.0-beta-9 and 2.14.1 remote code execution exploit.

meterN version 1.2.3 suffers from an authenticated remote command execution vulnerability.

WordPress TypeBot plugin version 1.4.3 suffers from a persistent cross site scripting vulnerability.

Laravel Valet version 2.0.3 local privilege escalation exploit for macOS.