WordPress JS Jobs Manager plugin version 1.1.7 suffers from an unauthenticated plugin installation and activation vulnerability.
Cmsimple version 5.4 authenticated remote code execution exploit.
PlaceOS version 1.2109.1 suffers from an open redirection vulnerability.
CMSimple_XH 1.7.4 – Remote Code Execution (RCE) (Authenticated)
WhatsUpGold 21.0.3 – Stored Cross-Site Scripting (XSS)
Vehicle Service Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
Phpwcms 1.9.30 – File Upload to XSS
Blood Bank System 1.0 – SQL Injection / Authentication Bypass
Exam Form Submission System 1.0 – SQL Injection Authentication Bypass
Dairy Farm Shop Management System 1.0 – SQL Injection Authentication Bypass