Online Food Ordering System version 2.0 suffers from a cross site scripting vulnerability.
>> CATEGORY: exploit
khugepaged on Linux races with rmap-based zap, races with GUP-fast, and fails to call MMU notifiers.
WordPress Royal Elementor add-ons versions 1.3.59 and below suffer from cross site request forgery, insufficient access control, cross site scripting vulnerabilities.
ADMINA BULGARIA Ltd version 1.0 suffers from a remote SQL injection vulnerability.
AdminSeg version 2.15 suffers from an insecure direct object reference that allows users to access the administrative interface.
BDWeb-Link LMS version 1.11.5 suffers from an insecure direct object reference that allows users to access the administrative interface.
Corpatech CMS version 2 suffers from a remote SQL injection vulnerability.
Dcastalia CMS version 1.2 suffers from an insecure direct object reference that allows users to access the administrative interface.
Deprixa Pro CMS version 3.2.5 appears to leave a default administrative account in place post installation.
WordPress Slider Revolution plugin version 4.6.5 suffers from a remote shell upload vulnerability.