>> TAG: #remote exploit

rConfig 3.9.5 – Remote Code Execution (Unauthenticated)

NodeBB Forum 1.12.2-1.14.2 – Account Takeover

Guild Wars 2 – Insecure Folder Permissions

berliCRM 1.0.24 – ‘src_record’ SQL Injection

Battle.Net 1.27.1.12428 – Insecure File Permissions

Small CRM 2.0 – ’email’ SQL Injection

Online Students Management System 1.0 – ‘username’ SQL Injections

MedDream PACS Server 6.8.3.751 – Remote Code Execution (Unauthenticated)

Liman 0.7 – Cross-Site Request Forgery (Change Password)

Cisco ASA and FTD 9.6.4.42 – Path Traversal