Bludit 3.13.1 – ‘username’ Cross Site Scripting (XSS)
>> TAG: #0day
Bludit 3.13.1 – ‘username’ Cross Site Scripting (XSS)
Quick.CMS 6.7 – Cross Site Request Forgery (CSRF) to Cross Site Scripting (XSS) (Authenticated)
CMDBuild 3.3.2 – ‘Multiple’ Cross Site Scripting (XSS)
Online Learning System 2.0 – Remote Code Execution (RCE)
WordPress Plugin WPSchoolPress 2.1.16 – ‘Multiple’ Cross Site Scripting (XSS)
WordPress Plugin Contact Form to Email 1.3.24 – Stored Cross Site Scripting (XSS) (Authenticated)
KONGA 0.14.9 – Privilege Escalation
Simple Subscription Website 1.0 – SQLi Authentication Bypass
Fuel CMS 1.4.13 – ‘col’ Blind SQL Injection (Authenticated)
PHP Laravel 8.70.1 – Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF)