>> CATEGORY: Security

b2evolution 6.11.6 – ‘tab3’ Reflected XSS

Openlitespeed WebServer 1.7.8 – Command Injection (Authenticated) (2)

b2evolution 6.11.6 – ‘plugin name’ Stored XSS

Online Car Rental System 1.0 – Stored Cross Site Scripting

AnyTXT Searcher 1.2.394 – ‘ATService’ Unquoted Service Path

Epson USB Display 1.6.0.0 – ‘EMP_UDSA’ Unquote Service Path

Adobe Connect 10 – Username Disclosure

Jenzabar 9.2.2 – ‘query’ Reflected XSS.

WordPress Plugin Welcart e-Commerce 2.0.0 – ‘search[order_column][0]’ SQL injection

Millewin 13.39.146.1 – Local Privilege Escalation