perfexcrm 1.10 – ‘State’ Stored Cross-site scripting (XSS)

Visual Tools DVR VX16 4.2.28.0 – OS Command Injection (Unauthenticated)

Phone Shop Sales Managements System 1.0 – Authentication Bypass (SQLi)

Visual Tools DVR VX16 4.2.28 – Local Privilege Escalation

Exam Hall Management System 1.0 – Unrestricted File Upload (Unauthenticated)

Pallets Werkzeug 0.15.4 – Path Traversal

Billing System Project 1.0 – Remote Code Execution (RCE) (Unauthenticated)

Netgear DGN2200v1 – Remote Command Execution (RCE) (Unauthenticated)

Black Box Kvm Extender 3.4.31307 – Local File Inclusion

OpenEMR 5.0.1.7 – ‘fileName’ Path Traversal (Authenticated) (2)