Home Owners Collection Management System 1.0 – Account Takeover (Unauthenticated)
Home Owners Collection Management System 1.0 – Account Takeover (Unauthenticated)
Cain & Abel 4.9.56 – Unquoted Service Path
WordPress Plugin Contact Form Builder 1.6.1 – Cross-Site Scripting (XSS)
FileBrowser versions 2.17.2 and below suffer from a cross site request forgery vulnerability that can lead to remote code execution.
WordPress Security Audit plugin version 1.0.0 suffers from a persistent cross site scripting vulnerability.
WordPress CP Blocks plugin version 1.0.14 suffers from a persistent cross site scripting vulnerability.
WordPress Contact Form Builder plugin version 1.6.1 suffers from a cross site scripting vulnerability.
Hotel Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
WordPress Simple Job Board plugin version 2.9.3 suffers from a local file inclusion vulnerability.
Wing FTP Server versions 4.3.8 and below suffer from an authenticated remote code execution vulnerability.