>> CATEGORY: exploit

ChurchCRM version 4.2.0 suffers from a CSV formula injection vulnerability.

ChurchCRM version 4.2.1 suffers from a persistent cross site scripting vulnerability.

WordPress WP-FileManager plugin version 6.8 remote code execution exploit.

Car Rental Management System version 1.0 suffers from local file inclusion and remote SQL injection vulnerabilities.

Ksix Zigbee devices playback protection bypass proof of concept exploit.

Simple College Website version 1.0 suffers from a local file inclusion vulnerability.

TypeSetter version 5.1 suffers from a cross site request forgery vulnerability.

SciKit-Learn version 0.23.2 suffers from a denial of service vulnerability.

WordPress EventON Calendar plugin version 3.0.5 suffers from a cross site scripting vulnerability.

eClass LMS version 2.6 suffers from a remote shell upload vulnerability.