>> CATEGORY: exploit

Sielco PolyEco Digital FM Transmitter version 2.0.6 uses a weak set of default administrative credentials that can be easily guessed in remote password attacks to gain full control of the…

Bludit version 4.0.0-rc-2 suffers from an account takeover vulnerability due to an API key that can be abused to change the administrative password.

Bludit version 4.0.0-rc-2 suffers from an account takeover vulnerability due to an API key that can be abused to change the administrative password.

Icinga Web version 2.10 suffers from an arbitrary file disclosure vulnerability.

Altenergy Power Control Software version C1.2.5 suffers from a command injection vulnerability.

Restaurant Management System version 1.0 suffers from a remote SQL injection vulnerability.

ENTAB ERP version 1.0 suffers from a username information leak due to a lack of rate limiting.

Online Appointment System version 1.0 suffers from a cross site scripting vulnerability.

ActFax version 10.10 suffers from an unquoted service path vulnerability.