Build Smart ERP 21.0817 – ‘eidValue’ SQL Injection (Unauthenticated)
Build Smart ERP 21.0817 – ‘eidValue’ SQL Injection (Unauthenticated)
Netgear Genie 2.4.64 – Unquoted Service Path
Engineers Online Portal 1.0 – File Upload Remote Code Execution (RCE)
Hikvision Web Server Build 210702 – Command Injection
Gestionale Open 11.00.00 – Local Privilege Escalation
WordPress Plugin TaxoPress 3.0.7.1 – Stored Cross-Site Scripting (XSS) (Authenticated)
Engineers Online Portal 1.0 – ‘multiple’ Stored Cross-Site Scripting (XSS)
Online Event Booking and Reservation System 1.0 – ‘reason’ Stored Cross-Site Scripting (XSS)
phpMyAdmin 4.8.1 – Remote Code Execution (RCE)
WordPress 4.9.6 – Arbitrary File Deletion (Authenticated) (2)