XOS Shop 1.0.9 – ‘Multiple’ Arbitrary File Deletion (Authenticated)
>> CATEGORY: Security
XOS Shop 1.0.9 – ‘Multiple’ Arbitrary File Deletion (Authenticated)
WordPress Plugin Simple Post 1.1 – ‘Text field’ Stored Cross-Site Scripting (XSS)
ElasticSearch 7.13.3 – Memory disclosure
KevinLAB BEMS 1.0 – Undocumented Backdoor Account
KevinLAB BEMS 1.0 – Unauthenticated SQL Injection / Authentication Bypass
KevinLAB BEMS 1.0 – File Path Traversal Information Disclosure (Authenticated)
CSZ CMS 1.2.9 – ‘Multiple’ Arbitrary File Deletion
WordPress Plugin KN Fix Your Title 1.0.1 – ‘Separator’ Stored Cross-Site Scripting (XSS)
WordPress Plugin LearnPress 3.2.6.8 – Privilege Escalation
WordPress Plugin LearnPress 3.2.6.7 – ‘current_items’ SQL Injection (Authenticated)