qdPM 9.1 – ‘search_by_extrafields[]’ SQL Injection
>> TAG: #remote exploit
qdPM 9.1 – ‘search_by_extrafields[]’ SQL Injection
Free IP Switcher 3.1 – ‘Computer Name’ Denial of Service (PoC)
AirMore 1.6.1 – Denial of Service (PoC)
UniSharp Laravel File Manager 2.0.0-alpha7 – Arbitrary File Upload
Linux – ‘kvm_ioctl_create_device()’ NULL Pointer Dereference
Core FTP/SFTP Server 1.2 Build 589.42 – ‘User domain’ Denial of Service (PoC)
LayerBB 1.1.2 – Cross-Site Request Forgery (Add Admin)
exacqVision ESM 5.12.2 – Privilege Escalation
DomainMOD 4.11.01 – ‘ssl-accounts.php username’ Cross-Site Scripting
DomainMOD 4.11.01 – ‘ssl-provider-name’ Cross-Site Scripting