>> CATEGORY: exploit

Mara CMS version 7.5 suffers from a cross site scripting vulnerability.

Umbraco CMS version 7.12.4 authenticated remote code execution exploit.

Stock Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities in the Brand, Categories, and Product name fields.

Stock Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Stock Management System version 1.0 cross site scripting credential harvesting exploit.

Stock Management System version 1.0 suffers from a cross site request forgery vulnerability.

Microsoft Windows Win32k privilege escalation exploit. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited…

October CMS builds 465 and below suffer from arbitrary file read, arbitrary file deletion, file uploading to arbitrary locations, persistent and reflective cross site scripting, and CSV injection vulnerabilities.

Daily Tracker System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Daily Tracker System version 1.0 suffers from a cross site scripting vulnerability.