qdPM 9.2 – DB Connection String and Password Exposure (Unauthenticated)
>> CATEGORY: Security
qdPM 9.2 – DB Connection String and Password Exposure (Unauthenticated)
ApacheOfBiz 17.12.01 – Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
Hotel Management System 1.0 – Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
Men Salon Management System 1.0 – SQL Injection Authentication Bypass
Neo4j 3.4.18 – RMI based Remote Code Execution (RCE)
Online Hotel Reservation System 1.0 – ‘Multiple’ Cross-site scripting (XSS)
Denver IP Camera SHO-110 – Unauthenticated Snapshot
Longjing Technology BEMS API 1.21 – Remote Arbitrary File Download
IntelliChoice eFORCE Software Suite 2.5.9 – Username Enumeration
Care2x Integrated Hospital Info System 2.7 – ‘Multiple’ SQL Injection