>> CATEGORY: Security

Small CRM 2.0 – ’email’ SQL Injection

Online Students Management System 1.0 – ‘username’ SQL Injections

MedDream PACS Server 6.8.3.751 – Remote Code Execution (Unauthenticated)

Liman 0.7 – Cross-Site Request Forgery (Change Password)

Cisco ASA and FTD 9.6.4.42 – Path Traversal

Kentico CMS 9.0-12.0.49 – Persistent Cross Site Scripting

DynPG 4.9.1 – Persistent Cross-Site Scripting (Authenticated)

openMAINT 1.1-2.4.2 – Arbitrary File Upload

SEO Panel 4.6.0 – Remote Code Execution

D-Link DSR-250N 3.12 – Denial of Service (PoC)