Live Call Support Widget 1.5 – Remote Code Execution / SQL Injection
>> TAG: #0day
Live Call Support Widget 1.5 – Remote Code Execution / SQL Injection
Live Call Support Widget 1.5 – Cross-Site Request Forgery (Add Admin)
Hootoo HT-05 – Remote Code Execution (Metasploit)
xorg-x11-server < 1.20.3 – Local Privilege Escalation (Solaris 11 inittab)
Find a Place CMS Directory 1.5 – SQL Injection
Craigs Classified Ads CMS Theme 1.0.2 – SQL Injection
Lenovo R2105 – Cross-Site Request Forgery (Command Execution)
Cleanto 5.0 – SQL Injection
Hucart CMS 5.7.4 – Cross-Site Request Forgery (Add Administrator Account)
HealthNode Hospital Management System 1.0 – SQL Injection