WordPress Plugin Fitness Calculators 1.9.5 – Cross-Site Request Forgery (CSRF)
>> TAG: #remote exploit
WordPress Plugin Fitness Calculators 1.9.5 – Cross-Site Request Forgery (CSRF)
Police Crime Record Management Project 1.0 – Time Based SQLi
Simple Attendance System 1.0 – Unauthenticated Blind SQLi
Filerun 2021.03.26 – Remote Code Execution (RCE) (Authenticated)
Budget and Expense Tracker System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
WebsiteBaker 2.13.0 – Remote Code Execution (RCE) (Authenticated)
Yenkee Hornet Gaming Mouse – ‘GM312Fltr.sys’ Denial-Of-Service (PoC)
T-Soft E-Commerce 4 – change ‘admin credentials’ Cross-Site Request Forgery (CSRF)
Church Management System 1.0 – ‘search’ SQL Injection (Unauthenticated)
WordPress 5.7 – ‘Media Library’ XML External Entity Injection (XXE) (Authenticated)