>> CATEGORY: Security

Horde Groupware Webmail 5.2.22 – Stored XSS

Tileserver-gl 3.0.0 – ‘key’ Reflected Cross-Site Scripting (XSS)

Digital Crime Report Management System 1.0 – SQL Injection (Authentication Bypass)

CITSmart ITSM 9.1.2.22 – LDAP Injection

CITSmart ITSM 9.1.2.27 – ‘query’ Time-based Blind SQL Injection (Authenticated)

Genexis PLATINUM 4410 2.1 P4410-V2-1.28 – RCE

jQuery 1.2 – Cross-Site Scripting (XSS)

Simple Student Information System 1.0 – SQL Injection (Authentication Bypass)

Blitar Tourism 1.0 – Authentication Bypass SQLi

ExpressVPN VPN Router 1.0 – Router Login Panel’s Integer Overflow