>> CATEGORY: Security

Water Billing System 1.0 – ‘username’ and ‘password’ parameters SQL Injection

WordPress Plugin Good LMS 2.1.4 – ‘id’ Unauthenticated SQL Injection

Customer Support System 1.0 – ‘description’ Stored XSS in The Admin Panel

Customer Support System 1.0 – Cross-Site Request Forgery

Customer Support System 1.0 – ‘username’ Authentication Bypass

CMSUno 1.6.2 – ‘user’ Remote Code Execution (Authenticated)

Car Rental Management System 1.0 – SQL injection + Arbitrary File Upload

ShoreTel Conferencing 19.46.1802.0 – Reflected Cross-Site Scripting

Anuko Time Tracker 1.19.23.5325 – CSV/Formula Injection

HP Display Assistant x64 Edition 3.20 – ‘DTSRVC’ Unquoted Service Path