osTicket 1.14.2 – SSRF
>> TAG: #remote exploit
osTicket 1.14.2 – SSRF
Life Insurance Management System 1.0 – ‘client_id’ SQL Injection
Cisco UCS Manager 2.2(1d) – Remote Command Execution
Xwiki CMS 12.10.2 – Cross Site Scripting (XSS)
Inteno IOPSYS 3.16.4 – root filesystem access via sambashare (Authenticated)
Life Insurance Management System 1.0 – File Upload RCE (Authenticated)
PHP-Fusion CMS 9.03.90 – Cross-Site Request Forgery (Delete admin shoutbox message)
Online Hotel Reservation System 1.0 – Cross-site request forgery (CSRF)
WordPress Plugin Easy Contact Form 1.1.7 – ‘Name’ Stored Cross-Site Scripting (XSS)
Online Hotel Reservation System 1.0 – ‘description’ Stored Cross-site Scripting