b2evolution 7.2.2 – ‘edit account details’ Cross-Site Request Forgery (CSRF)
>> CATEGORY: Security
b2evolution 7.2.2 – ‘edit account details’ Cross-Site Request Forgery (CSRF)
AKCP sensorProbe SPX476 – ‘Multiple’ Cross-Site Scripting (XSS)
WordPress Plugin Modern Events Calendar 5.16.2 – Remote Code Execution (Authenticated)
Scratch Desktop 3.17 – Cross-Site Scripting/Remote Code Execution (XSS/RCE)
Vianeos OctoPUS 5 – ‘login_user’ SQLi
Online Voting System 1.0 – Remote Code Execution (Authenticated)
Online Voting System 1.0 – Authentication Bypass (SQLi)
WordPress Plugin XCloner 4.2.12 – Remote Code Execution (Authenticated)
Doctors Patients Management System 1.0 – SQL Injection (Authentication Bypass)
Apache Superset 1.1.0 – Time-Based Account Enumeration