Employee Record Management System version 1.2 suffers from a persistent cross site scripting vulnerability.
>> AUTHOR: deepcore
Online Covid Vaccination Scheduler System version 1.0 suffers from a remote shell upload vulnerability.
ASProtect embeds a runtime DLL that is susceptible to memory corruption. Crash testcase provided.
Wyomind Help Desk version 1.3.6 suffers from remote shell upload, cross site scripting, and directory traversal vulnerabilities.
Zoo Management System 1.0 – ‘Multiple’ Stored Cross-Site-Scripting (XSS)
Church Management System 1.0 – SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE
Online Covid Vaccination Scheduler System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.
Docker Dashboard suffers from a remote command execution vulnerability. The fix is added in commit 79cdc41.
Rocket.Chat 3.12.1 unauthenticated NoSQL injection to remote code execution exploit.
WordPress Plainview Activity Monitor plugin version 20161228 authenticated remote code execution exploit.