>> TAG: #remote exploit

CMSUno 1.6.2 – ‘lang’ Remote Code Execution (Authenticated)

SmartBlog 2.0.1 – ‘id_post’ Blind SQL injection

Sentrifugo 3.2 – ‘assets’ Remote Code Execution (Authenticated)

Sentrifugo Version 3.2 – ‘announcements’ Remote Code Execution (Authenticated)

BlogEngine 3.3.8 – ‘Content’ Stored XSS

iDS6 DSSPro Digital Signage System 6.2 – Cross-Site Request Forgery (CSRF)

Processwire CMS 2.4.0 – ‘download’ Local File Inclusion

School Log Management System 1.0 – ‘username’ SQL Injection / Remote Code Execution

Student Attendance Management System 1.0 – ‘username’ SQL Injection / Remote Code Execution

Multi Restaurant Table Reservation System 1.0 – ‘table_id’ Unauthenticated SQL Injection