>> CATEGORY: Security

VestaCP 0.9.8 – ‘v_interface’ Add IP Stored XSS

rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated)

SEO Panel 4.8.0 – ‘order_col’ Blind SQL Injection

Hestia Control Panel 1.3.2 – Arbitrary File Write

WoWonder Social Network Platform 3.1 – ‘event_id’ SQL Injection

VestaCP 0.9.8 – File Upload CSRF

GeoGebra Graphing Calculato‪r‬ 6.0.631.0 – Denial Of Service (PoC)

Alphaware E-Commerce System 1.0 – Unauthenicated Remote Code Execution (File Upload + SQL injection)

GeoGebra Classic 5.0.631.0-d – Denial of Service (PoC)

GeoGebra CAS Calculato‪r‬ 6.0.631.0 – Denial of Service (PoC)