Sentrifugo CMS version 3.2 suffers from a persistent cross site scripting vulnerability.
>> CATEGORY: exploit
Car Park Management System version 1.0 suffers a remote SQL injection vulnerability that allows for authentication bypass.
iChat version 1.6 suffers from a cross site scripting vulnerability.
KeeWeb version 1.14.0 suffers from an html injection vulnerability.
OpenZ ERP version 3.6.60 suffers from a persistent cross site scripting vulnerability.
Online Clothing Store version 1.0 suffers from an arbitrary file upload vulnerability.
Create-Project Manager version 1.07 suffers from cross site scripting and html injection vulnerabilities.
Draytek VigorAP suffers from a persistent cross site scripting vulnerability. Multiple different versions are affected.
LANCOM WLAN Controller suffers from multiple cross site scripting vulnerabilities. Multiple versions and firmware are affected.
The vulnerability laboratory core research team discovered multiple persistent web vulnerabilities in the Sellacious eCo…