Croogo 3.0.2 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
>> TAG: #0day
Croogo 3.0.2 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
Croogo 3.0.2 – Unrestricted File Upload
Arunna 1.0.0 – ‘Multiple’ Cross-Site Request Forgery (CSRF)
Oliver Library Server v5 – Arbitrary File Download
Apache Log4j2 2.14.1 – Information Disclosure
Laravel Valet 2.0.3 – Local Privilege Escalation (macOS)
Apache Log4j 2 – Remote Code Execution (RCE)
WordPress Plugin Typebot 1.4.3 – Stored Cross Site Scripting (XSS) (Authenticated)
Microsoft Internet Explorer / ActiveX Control – Security Bypass
HD-Network Real-time Monitoring System 2.0 – Local File Inclusion (LFI)