WordPress Charitable Donations Plugin and Fundraising Platform versions 1.7.0.12 and below suffer from a privilege escalation vulnerability.
607564406b8fb564dbe7f1171bf4ed68f65662b5085d91ae58cbbd8c0bd802d7
TSPlus version 16.0.2.14 suffers from an insecure permissions vulnerability.
0bc7ecda382e75a1cb2b54690a396532c49dd66393a3842a9283c8bfaf166236
TSPlus version 16.0.0.0 suffers from an insecure permissions vulnerability.
06f5da798bc1734c99952dd5665f7fc882b0e8d1c219d8e327e08d2824444cbb
TSPlus version 16.0.0.0 suffers from an insecure credential storage vulnerability.
215f20ce0fd7976f257c178193251dfef5d9ab1191d503a59cbdd146d251811d
Inosoft VisiWin 7 version 2022-2.1 suffers from a privilege escalation vulnerability.
0479f1727b121f5eb3c1f2142cc6237d6e3f59bd64f90af21aeb09ff4fe01a04
Dolibarr version 17.0.1 suffers from a persistent cross site scripting vulnerability.
03d90d763595e2fde18d9c8342024adf0cffb037d0c3aa3256b6204747312b19
PHPJabbers Business Directory Script version 3.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
14b9a576fa1799bebb037dbe5fdce9862e9902c2bc8395cc3cdc7ce570dd0d5c
FOG Forum version 0.8 suffers from a cross site scripting vulnerability.
f12461b1f0dfe9cb54ce514fdf889e35455978759afdac7dff05971d9ce4b7be
FoccusWeb CMS version 0.1 suffers from a cross site scripting vulnerability.
4ec7d01c602a400932502d010a16a7b1bacb2f323fbd9f44c16aef7baacd0231
Fluent CMS version 1.0.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
fb72677e90b806060bb7670110f7e4feb1bb9815a6ae0f59e07f69285a2e6d76
Color Prediction Game version 1.0 suffers from a remote SQL injection vulnerability.
4fb3f9836e353951efef60d34f720b3ba2f7519dfb4e7ede6a3067554ec88d9a
Global Multi School Management System Express version 1.0 suffers from a remote SQL injection vulnerability.
a22628394bb46899d58de439e665e017c4415d37366a2c08f5aab4d9b82d3e4e
OVOO Movie Portal CMS version 3.3.3 suffers from a remote SQL injection vulnerability.
0a7615bcec0c377aa4a3da9402c37715eebc4d5bc3a169a3a0f51f05f3eefb7d
Taskhub CRM Tool version 2.8.6 suffers from a remote SQL injection vulnerability.
224f98426202b24a6ca1acc9b9414e8bee3e2ab59c8191c0ab2a4304cae2c3ad
FlightPath LMS version 4.8.2 suffers from an insecure direct object reference vulnerability.
3c5f6aa0e79c9510e78b7ef9cdbf88df097069d2ddd22ac88c7a06956299a3d4
FleetCart Laravel Ecommerce System version 1.1.2 suffers from an ignored default credential vulnerability.
68a6c17d047c26ef9fa83b8414516311214d6cb3d30aea8512036eb95fd0c4f9
FixBook Repair Shop Management Tool version 2.2 suffers from an information leakage vulnerability.
cca9cd6b4f15f93c2ce4de83d177d9b79dd893c5d9b8597cc907d88aab5d43ef
DoorGets CMS version 12 suffers from an information leakage vulnerability.
1979fc108f5ff900725da4d3f94060a8f67d69123005ed02143164fae6fc34f9
FIRESHOP Advanced CMS version 2.3 suffers from an arbitrary file upload vulnerability.
39420fdbd9e09574216b7c644d2b65bd4cece1bb21494da786900619db842882
FastMatch Iddaa Tahmin Scripti version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
c6293bc081bbaf0730ef54a595accb480ec65eacd626ec6d54385300fce46588
E-mailer Newsletter and Mailing System with Analytics + GEO location version 1.16 suffers from an information leakage vulnerability.
de698923ad14bb1bc258b0c0a5c562b59f67f25cf050cd857b5e718f2838903d
This Metasploit module exploits an unauthenticated remote code execution vulnerability in Jorani versions prior to 1.0.2. It abuses log poisoning and redirection bypass via header spoofing and then it uses path traversal to trigger the vulnerability. It has been tested on Jorani 1.0.0.
a4309a794ac0f54cb65920512a047c08d1fe2fb20e8fd4e92250ccc7c03334ba
Academy LMS version 6.1 suffers from an upload vulnerability that could lead to persistent cross site scripting attacks.
7376aca92af649793fc8f249692d13f1ef1e359cdf18e47dababff6842bf39f0
Credit Lite version 1.5.4 suffers from a remote SQL injection vulnerability.
0faea53f64035d441033c829555c1f6f8fc72385d820d794d376c48be7218249
Crypto Currency Tracker (CCT) versions 9.5 and below suffer from a flaw that allows an administrative account to be added without authentication.
9bfa02f5d59b5e3cf33ee7b1bbfbf8405639a69db395f6a7dbbbe7f5809ce517