>> CATEGORY: Security

Online Learning Management System 1.0 – ‘id’ SQL Injection

WordPress Epsilon Framework Multiple Themes – Unauthenticated Function Injection

TerraMaster TOS 4.2.06 – Unauthenticated Remote Code Execution (Metasploit)

Baby Care System 1.0 – ‘roleid’ SQL Injection

Victor CMS 1.0 – File Upload To RCE

WordPress Plugin W3 Total Cache – Unauthenticated Arbitrary File Read (Metasploit)

Pandora FMS 7.0 NG 750 – ‘Network Scan’ SQL Injection (Authenticated)

WordPress Plugin Contact Form 7 5.3.1 – Unrestricted File Upload

Queue Management System 4.0.0 – “Add User” Stored XSS

Spotweb 1.4.9 – ‘search’ SQL Injection