Customer Support System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
>> CATEGORY: exploit
Customer Support System version 1.0 suffers from a cross site request forgery vulnerability.
Customer Support System version 1.0 suffers from a persistent cross site scripting vulnerability.
Microsoft Windows suffers from a local spooler bypass vulnerability.
Car Rental Management System version 1.0 remote SQL injection and shell upload exploit.
ShoreTel Conferencing version 19.46.1802.0 suffers from a cross site scripting vulnerability.
Anuko Time Tracker version 1.19.23.5325 suffers from a CSV formula injection vulnerability.
The WordPress File Manager (wp-file-manager) plugin versions 6.0 through 6.8 allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to…