PostgreSQL 9.3-11.7 – Remote Code Execution (RCE) (Authenticated)
PostgreSQL 9.3-11.7 – Remote Code Execution (RCE) (Authenticated)
CSZ CMS 1.2.9 – ‘Multiple’ Blind SQLi(Authenticated)
WordPress Plugin video-synchro-pdf 1.7.4 – Local File Inclusion
WordPress Plugin cab-fare-calculator 1.0.3 – Local File Inclusion
WordPress Plugin Curtain 1.0.2 – Cross-site Request Forgery (CSRF)
Atom CMS 2.0 – Remote Code Execution (RCE)
ImpressCMS 1.4.2 – Remote Code Execution (RCE)
Message System version 1.0 suffers from a remote shell upload vulnerability.
One Church Management System version 1.0 suffers from multiple cross site scripting vulnerabilities.
Microfinance Management System version suffers from multiple remote SQL injection vulnerabilities including one that allows for authentication bypass. Original discovery of SQL injection in this version is attributed to Hejap…