Flexmonster Pivot Table & Charts 2.7.17 – ‘To remote CSV’ Reflected XSS
>> AUTHOR: deepcore
Flexmonster Pivot Table & Charts 2.7.17 – ‘To remote CSV’ Reflected XSS
Flexmonster Pivot Table & Charts 2.7.17 – ‘Remote JSON’ Reflected XSS
Point of Sale System 1.0 – Multiple Stored XSS
SCO Openserver 5.0.7 – ‘outputform’ Command Injection
SCO Openserver 5.0.7 – ‘section’ Reflected XSS
Alumni Management System version 1.0 suffers from a remote shell upload vulnerability. Original discovery for this vulnerability in this version is attributed to Valerio Alessandroni.
Point of Sale System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Smart Hospital version 3.1 suffers from a persistent cross site scripting vulnerability.
Alumni Management System version 1.0 suffers from a remote SQL injection vulnerability. SQL injection was originally discovered in this version in October of 2020 by Ankita Pal.
SyncBreeze version 10.0.28 suffers from a denial of service vulnerability.