Tag: 0day

[webapps] Joomla JCK Editor 6.4.4 – 'parent' SQL Injection (2)

[remote] CatDV 9.2 – RMI Authentication Bypass

[webapps] Fluig 1.7.0 – Path Traversal

[webapps] e107 CMS 2.3.0 – CSRF

[webapps] Online Ordering System 1.0 – Arbitrary File Upload to Remote Code Execution

[webapps] Local Services Search Engine Management System (LSSMES) 1.0 – Blind & Error based SQL injection (Authenticated)

[webapps] Local Services Search Engine Management System (LSSMES) 1.0 – 'name' Persistent Cross-Site Scripting (XSS)

[remote] AnyDesk 5.5.2 – Remote Code Execution

[webapps] Web Based Quiz System 1.0 – 'MCQ options' Persistent/Stored Cross-Site Scripting

[webapps] Web Based Quiz System 1.0 – 'name' Persistent/Stored Cross-Site Scripting