Odoo 12.0.20190101 – ‘nssm.exe’ Unquoted Service Path
>> TAG: #remote exploit
Odoo 12.0.20190101 – ‘nssm.exe’ Unquoted Service Path
Human Resource Information System 0.1 – ‘First Name’ Persistent Cross-Site Scripting (Authenticated)
DHCP Broadband 4.1.0.1503 – ‘dhcpt.exe’ Unquoted Service Path
BOOTP Turbo 2.0.0.1253 – ‘bootpt.exe’ Unquoted Service Path
TFTP Broadband 4.3.0.1465 – ‘tftpt.exe’ Unquoted Service Path
PHP Timeclock 1.04 – ‘Multiple’ Cross Site Scripting (XSS)
Microweber CMS 1.1.20 – Remote Code Execution (Authenticated)
Sandboxie Plus 0.7.4 – ‘SbieSvc’ Unquoted Service Path
Epic Games Easy Anti-Cheat 4.0 – Local Privilege Escalation
Voting System 1.0 – Authentication Bypass (SQLI)