>> TAG: #remote exploit

Fishing Reservation System 7.5 – ‘uid’ SQL Injection

Oracle Database 11g Release 2 – ‘OracleDBConsoleorcl’ Unquoted Service Path

Online Scheduling System 1.0 – ‘username’ SQL Injection

webERP 4.15.1 – Unauthenticated Backup File Access

BlogEngine 3.3 – ‘syndication.axd’ XML External Entity Injection

SimplePHPGal 0.7 – Remote File Inclusion

NEC Electra Elite IPK II WebPro 01.03.01 – Session Enumeration

BoltWire 6.03 – Local File Inclusion

osTicket 1.14.1 – Persistent Authenticated Cross-Site Scripting

Outline Service 1.3.3 – ‘Outline Service ‘ Unquoted Service Path