We-Com Municipality Portal CMS version 2.1.x suffers from cross site scripting and remote SQL injection vulnerabilities.
>> CATEGORY: exploit
We-Com OpenData CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Avast suffers from an out-of-bounds copy vulnerability in Array.prototype.toString.
This archive contains all of the 166 exploits added to Packet Storm in May, 2020.
Various PanaceaSoft products appear to suffer from a shell upload vulnerability.
WordPress Multi-Scheduler plugin version 1.0.0 suffers from a cross site request forgery vulnerability.
Crystal Shard http-protection version 0.2.0 suffers from an IP spoofing bypass vulnerability.
Kuicms PHP EE version 2.0 suffers from a persistent cross site scripting vulnerability.
Online Marriage Registration System version 1.0 suffers from a persistent cross site scripting vulnerability.
LimeSurvey version 4.1.11 suffers from a persistent cross site scripting vulnerability.