>> TAG: #0day

OpenBMCS 2.4 – SQLi (Authenticated)

OpenBMCS 2.4 – Server Side Request Forgery (SSRF) (Unauthenticated)

OpenBMCS 2.4 – Create Admin / Remote Privilege Escalation

OpenBMCS 2.4 – Information Disclosure

Simple Chatbot Application 1.0 – Remote Code Execution (RCE)

Simple Chatbot Application 1.0 – ‘message’ Blind SQLi

OpenBMCS 2.4 – Cross Site Request Forgery (CSRF)

Online Diagnostic Lab Management System 1.0 – SQL Injection (Unauthenticated)

Hospitals Patient Records Management System 1.0 – ‘room_types’ Stored Cross Site Scripting (XSS)

Hospitals Patient Records Management System 1.0 – ‘doctors’ Stored Cross Site Scripting (XSS)