Croogo 3.0.2 – Unrestricted File Upload
Croogo 3.0.2 – Unrestricted File Upload
Croogo 3.0.2 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
Cibele Thinfinity VirtualUI 2.5.41.0 – User Enumeration
Apache Log4j2 versions 2.14.1 and below information disclosure exploit.
Booked Scheduler version 2.75 authenticated remote shell upload exploit.
AbanteCart e-commerce platform versions prior to 1.3.2 suffer from cross site scripting and file upload vulnerabilities.
Zucchetti Axess CLOKI Access Control version 1.64 suffers from a cross site request forgery vulnerability.
Ticket Booking version 1.0 suffers from a remote SQL injection vulnerability.
Apache Log4j2 versions 2.0-beta-9 and 2.14.1 remote code execution exploit.
Online Thesis Archiving System version 1.0 suffers from remote SQL injection and persistent cross site scripting vulnerabilities.