Dolibarr 11.0.3 – Persistent Cross-Site Scripting
>> CATEGORY: Security
Dolibarr 11.0.3 – Persistent Cross-Site Scripting
Druva inSync Windows Client 6.6.3 – Local Privilege Escalation
Gym Management System 1.0 – Unauthenticated Remote Code Execution
WebLogic Server – Deserialization RCE – BadAttributeValueExpException (Metasploit)
AbsoluteTelnet 11.21 – ‘Username’ Denial of Service (PoC)
forma.lms 5.6.40 – Cross-Site Request Forgery (Change Admin Email)
CraftCMS 3 vCard Plugin 1.0.0 – Remote Code Execution
qdPM 9.1 – ‘cfg[app_app_name]’ Persistent Cross-Site Scripting
Victor CMS 1.0 – ‘cat_id’ SQL Injection
php-fusion 9.03.50 – ‘ctype’ SQL Injection