WordPress Custom Global Variables plugin version 1.0.5 suffers from a persistent cross site scripting vulnerability.
>> CATEGORY: exploit
ECSIMAGING PACS version 6.21.5 suffers from a remote code execution vulnerability.
iBall-Baton WRA150N Rom-0 backup suffers from a file disclosure vulnerability.
Employee Record System version 1.0 suffers from a remote shell upload vulnerability.
This Metasploit module exploits an unauthenticated directory traversal vulnerability in Apache Flink version 1.11.0.
WordPress Autoptimize plugin suffers from a remote shell upload vulnerability. The ao_ccss_import AJAX call does not ensure that the file provided is a legitimate zip file, allowing high privilege users…
Life Insurance Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
Cockpit CMS versions prior to 0.6.1 suffer from a remote code execution vulnerability.
OX App Suite and OX Documents suffer from server-side request forgery and multiple cross site scripting vulnerabilities. Various versions are affected including 7.10.4 and 7.10.3.
Curfew e-Pass Management System version 1.0 suffers from a cross site scripting vulnerability.