Online Course Registration version 1.0 unauthenticated remote code execution exploit.
Vehicle Parking Management System version 1.0 suffer from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass.
Wing FTP Server version 6.3.8 authenticated remote code execution exploit that leverages the web console.
Infor Storefront B2B version 1.0 suffers from a remote SQL injection vulnerability.
Web Based Online Hotel Booking System version 0.1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Online Farm Management System version 0.1.0 suffers from a persistent cross site scripting vulnerability.
CMSUno 1.6 – Cross-Site Request Forgery (Change Admin Password)
Sonar Qube 8.3.1 – ‘SonarQube Service’ Unquoted Service Path
Simple Startup Manager 1.17 – ‘File’ Local Buffer Overflow (PoC)
Various V-SOL OLTs suffer from multiple backdoor issues, hardcoded RSA keys, potential command injection, and insecure management vulnerabilities.