>> CATEGORY: Security

ManageEngine ADManager Plus 6.5.7 – Cross-Site Scripting

WordPress Plugin Gift Voucher 1.0.5 – ‘template_id’ SQL Injection

Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 – Remote Code Execution

UltimatePOS 2.5 – Remote Code Execution

ManageEngine ADManager Plus 6.5.7 – HTML Injection

SkypeApp 12.8.487.0 – ‘Cuenta de Skype o Microsoft’ Denial of Service (PoC)

Vox TG790 ADSL Router – Cross-Site Request Forgery (Add Admin)

CuteFTP 8.3.1 – Denial Of Service (PoC)

Twitter-Clone 1 – ‘code’ SQL Injection

PCViewer vt1000 – Directory Traversal