>> CATEGORY: Security

ExpertGPS 6.38 – XML External Entity Injection

QuickDate 1.3.2 – SQL Injection

ELAN Smart-Pad 11.10.15.1 – ‘ETDService’ Unquoted Service Path

TapinRadio 2.12.3 – ‘address’ Denial of Service (PoC)

AbsoluteTelnet 11.12 – ‘SSH2/username’ Denial of Service (PoC)

TapinRadio 2.12.3 – ‘username’ Denial of Service (PoC)

Online Job Portal 1.0 – Remote Code Execution

RarmaRadio 2.72.4 – ‘server’ Denial of Service (PoC)

RarmaRadio 2.72.4 – ‘username’ Denial of Service (PoC)

Online Job Portal 1.0 – Cross Site Request Forgery (Add User)