Piwigo 11.3.0 – ‘language’ SQL
>> TAG: #remote exploit
Piwigo 11.3.0 – ‘language’ SQL
GitLab Community Edition (CE) 13.10.3 – ‘Sign_Up’ User Enumeration
Moodle 3.6.1 – Persistent Cross-Site Scripting (XSS)
Cacti 1.2.12 – ‘filter’ SQL Injection / Remote Code Execution
FOGProject 1.5.9 – File Upload RCE (Authenticated)
Kirby CMS 3.5.3.1 – ‘file’ Cross-Site Scripting (XSS)
Kimai 1.14 – CSV Injection
Montiorr 1.7.6m – File Upload to XSS
WordPress Plugin WPGraphQL 1.3.5 – Denial of Service
Hasura GraphQL 1.3.3 – Remote Code Execution