Invoice System 1.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
>> TAG: #remote exploit
Invoice System 1.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
OpenEMR 5.0.1.3 – ‘manage_site_files’ Remote Code Execution (Authenticated) (2)
Garbage Collection Management System 1.0 – SQL Injection + Arbitrary File Upload
Church Management System 1.0 – SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE
Zoo Management System 1.0 – ‘Multiple’ Stored Cross-Site-Scripting (XSS)
Exam Hall Management System 1.0 – Unrestricted File Upload + RCE (Unauthenticated)
Online Covid Vaccination Scheduler System 1.0 – Arbitrary File Upload to Remote Code Execution (Unauthenticated)
Employee Record Management System 1.2 – Stored Cross-Site Scripting (XSS)
Wyomind Help Desk 1.3.6 – Remote Code Execution (RCE)
WordPress Plugin SP Project & Document Manager 4.21 – Remote Code Execution (RCE) (Authenticated)