Tag: remote exploit

[webapps] bloofoxCMS 0.5.2.1 – CSRF (Add user)

[webapps] BloofoxCMS 0.5.2.1 – 'text' Stored Cross Site Scripting

[webapps] Online Grading System 1.0 – 'uname' SQL Injection

[webapps] Quick.CMS 6.7 – Remote Code Execution (Authenticated)

[webapps] EgavilanMedia PHPCRUD 1.0 – 'Full Name' Stored Cross Site Scripting

[webapps] CMSUno 1.6.2 – 'lang/user' Remote Code Execution (Authenticated)

[dos] jQuery UI 1.12.1 – Denial of Service (DoS)

[webapps] STVS ProVision 5.9.10 – File Disclosure (Authenticated)

[webapps] STVS ProVision 5.9.10 – Cross-Site Request Forgery (Add Admin)

[webapps] Openlitespeed Web Server 1.7.8 – Command Injection (Authenticated)