>> CATEGORY: exploit

Hi-Rez Studios version 5.1.6.3 suffers from an unquoted service path vulnerability.

WordPress Mapplic plugin versions 6.1 and below suffer from a server-side request forgery vulnerability that can be leveraged to commit cross site scripting attacks.

WordPress Mapplic-Lite plugin version 1.0 suffers from a server-side request forgery vulnerability that can be leveraged to commit cross site scripting attacks.

ActivIdentity version 8.2 suffers from an unquoted service path vulnerability.

ELAN Touchpad version 15.2.13.1_X64_WHQL suffers from an unquoted service path vulnerability.

Online Reviewer Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

Online Reviewer Management System version 1.0 remote SQL injection exploit that allows for authentication bypass.

Elodea Event Collector version 4.9.3 suffers from an unquoted service path vulnerability.

Hotel And Lodge Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

Online Reviewer Management System version 1.0 suffers from a remote shell upload vulnerability.