Croogo 3.0.2 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
Croogo 3.0.2 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
Cibele Thinfinity VirtualUI 2.5.41.0 – User Enumeration
Apache Log4j2 versions 2.14.1 and below information disclosure exploit.
Booked Scheduler version 2.75 authenticated remote shell upload exploit.
AbanteCart e-commerce platform versions prior to 1.3.2 suffer from cross site scripting and file upload vulnerabilities.
Zucchetti Axess CLOKI Access Control version 1.64 suffers from a cross site request forgery vulnerability.
Ticket Booking version 1.0 suffers from a remote SQL injection vulnerability.
Apache Log4j2 versions 2.0-beta-9 and 2.14.1 remote code execution exploit.
Online Thesis Archiving System version 1.0 suffers from remote SQL injection and persistent cross site scripting vulnerabilities.
meterN version 1.2.3 suffers from an authenticated remote command execution vulnerability.