Patient Appointment Scheduler System 1.0 – Persistent/Stored XSS
Patient Appointment Scheduler System 1.0 – Persistent/Stored XSS
Patient Appointment Scheduler System 1.0 – Unauthenticated File Upload & Remote Code Execution (RCE)
Bus Pass Management System 1.0 – ‘viewid’ Insecure direct object references (IDOR)
FlatCore CMS 2.0.7 – Remote Code Execution (RCE) (Authenticated)
OpenEMR 6.0.0 – ‘noteid’ Insecure Direct Object Reference (IDOR)
Argus Surveillance DVR 4.0 – Unquoted Service Path
Windows Defender Application Guard suffers from a denial of service vulnerability when fed an overly long url.
jforum version 2.7.0 suffers from a persistent cross site scripting vulnerability.
Remote Mouse version 4.002 suffers from an unquoted service path vulnerability.
OpenSIS version 8.0 suffers from a local file inclusion vulnerability via a path traversal.