OpenEMR 5.0.1.7 – ‘fileName’ Path Traversal (Authenticated)
>> TAG: #remote exploit
OpenEMR 5.0.1.7 – ‘fileName’ Path Traversal (Authenticated)
Node.JS – ‘node-serialize’ Remote Code Execution (3)
Dlink DSL2750U – ‘Reboot’ Command Injection
ICE Hrm 29.0.0.OS – ‘xml upload’ Stored Cross-Site Scripting (XSS)
ICE Hrm 29.0.0.OS – ‘Account Takeover’ Cross-Site Request Forgery (CSRF)
ICE Hrm 29.0.0.OS – ‘Account Takeover’ Cross-Site Scripting and Session Fixation
Online Shopping Portal 3.1 – Remote Code Execution (Unauthenticated)
Zoho ManageEngine ServiceDesk Plus MSP 9.4 – User Enumeration
VX Search 13.5.28 – ‘Multiple’ Unquoted Service Path
Dup Scout 13.5.28 – ‘Multiple’ Unquoted Service Path