Hotel and Lodge Management System 1.0 – Remote Code Execution (Unauthenticated)
>> CATEGORY: Security
Joomla JCK Editor 6.4.4 – ‘parent’ SQL Injection (2)
CatDV 9.2 – RMI Authentication Bypass
Fluig 1.7.0 – Path Traversal
e107 CMS 2.3.0 – CSRF
Online Ordering System 1.0 – Arbitrary File Upload to Remote Code Execution
Local Services Search Engine Management System (LSSMES) 1.0 – Blind & Error based SQL injection (Authenticated)
Local Services Search Engine Management System (LSSMES) 1.0 – ‘name’ Persistent Cross-Site Scripting (XSS)
AnyDesk 5.5.2 – Remote Code Execution
Web Based Quiz System 1.0 – ‘MCQ options’ Persistent/Stored Cross-Site Scripting