RATES SYSTEM 1.0 – ‘Multiple’ SQL Injections
>> CATEGORY: Security
RATES SYSTEM 1.0 – ‘Multiple’ SQL Injections
IPCop 2.1.9 – Remote Code Execution (RCE) (Authenticated)
Amica Prodigy 1.7 – Privilege Escalation
Cockpit CMS 0.11.1 – ‘Username Enumeration & Password Reset’ NoSQL Injection
Moodle 3.9 – Remote Code Execution (RCE) (Authenticated)
CMSuno 1.7 – ‘tgo’ Stored Cross-Site Scripting (XSS) (Authenticated)
GFI Mail Archiver 15.1 – Telerik UI Component Arbitrary File Upload (Unauthenticated)
Client Management System 1.1 – ‘cname’ Stored Cross-site scripting (XSS)
WordPress Plugin WP Customize Login 1.1 – ‘Change Logo Title’ Stored Cross-Site Scripting (XSS)
qdPM 9.1 – Remote Code Execution (RCE) (Authenticated)