Ricon Industrial Cellular Router S9922XL suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the admin (root) user via…
Phone Shop Sales Managements System 1.0 – ‘Multiple’ Arbitrary File Upload to Remote Code Execution
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 – Directory Traversal
perfexcrm 1.10 – ‘State’ Stored Cross-site scripting (XSS)
Visual Tools DVR VX16 4.2.28.0 – OS Command Injection (Unauthenticated)
Phone Shop Sales Managements System 1.0 – Authentication Bypass (SQLi)
Visual Tools DVR VX16 4.2.28 – Local Privilege Escalation
Exam Hall Management System 1.0 – Unrestricted File Upload (Unauthenticated)
Pallets Werkzeug 0.15.4 – Path Traversal
Billing System Project 1.0 – Remote Code Execution (RCE) (Unauthenticated)