A vulnerability exists within the polkit system service that can be leveraged by a local, unprivileged attacker to perform privileged operations. In order to leverage the vulnerability, the attacker invokes…
WordPress SP Project and Document Manager plugin version 4.21 suffers from a remote shell upload vulnerability.
Employee Record Management System version 1.2 suffers from a persistent cross site scripting vulnerability.
Online Covid Vaccination Scheduler System version 1.0 suffers from a remote shell upload vulnerability.
ASProtect embeds a runtime DLL that is susceptible to memory corruption. Crash testcase provided.
Wyomind Help Desk version 1.3.6 suffers from remote shell upload, cross site scripting, and directory traversal vulnerabilities.
Zoo Management System 1.0 – ‘Multiple’ Stored Cross-Site-Scripting (XSS)
Church Management System 1.0 – SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE
Online Covid Vaccination Scheduler System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.
Docker Dashboard suffers from a remote command execution vulnerability. The fix is added in commit 79cdc41.