Exploit Title: Complaints Report Management System 1.0 – ‘username’ SQL Injection / Remote Code Execution
>> TAG: #remote exploit
Apache Flink 1.9.x – File Upload RCE (Unauthenticated)
WordPress Plugin Simple File List 5.4 – Arbitrary File Upload
CSE Bookstore 1.0 – ‘quantity’ Persistent Cross-site Scripting
DedeCMS v.5.8 – “keyword” Cross-Site Scripting
Citadel WebCit < 926 – Session Hijacking Exploit
Online Job Portal 1.0 – ‘userid’ SQL Injection
Mailman 1.x > 2.1.23 – Cross Site Scripting (XSS)
Online Examination System 1.0 – ‘name’ Stored Cross Site Scripting
WebLogic Server 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 – Unauthenticated RCE via GET request