OpenEMR 5.0.1.3 – ‘manage_site_files’ Remote Code Execution (Authenticated)
>> TAG: #remote exploit
OpenEMR 5.0.1.3 – ‘manage_site_files’ Remote Code Execution (Authenticated)
WibuKey Runtime 6.51 – ‘WkSvW32.exe’ Unquoted Service Path
Small CRM 3.0 – ‘Authentication Bypass’ SQL Injection
Stock Management System 1.0 – ‘user_id’ Blind SQL injection (Authenticated)
OpenEMR 5.0.0 – Remote Code Execution (Authenticated)
Microsoft SharePoint Server 16.0.10372.20060 – ‘GetXmlDataFromDataSource’ Server-Side Request Forgery (SSRF)
Cerberus FTP Web Service 11 – ‘svg’ Stored Cross-Site Scripting (XSS)
Accela Civic Platform 21.1 – ‘servProvCode’ Cross-Site-Scripting (XSS)
n+otes 1.6.2 – Denial of Service (PoC)
Sticky Notes Widget Version 3.0.6 – Denial of Service (PoC)