[webapps] WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup

WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup

[remote] Screen SFT DAB 600/C - Authentication Bypass Reset Board Config

Screen SFT DAB 600/C - Authentication Bypass Reset Board Config

[webapps] GetSimple CMS v3.3.16 - Remote Code Execution (RCE)

GetSimple CMS v3.3.16 - Remote Code Execution (RCE)

[remote] Screen SFT DAB 600/C - Unauthenticated Information Disclosure (userManager.cgx)

Screen SFT DAB 600/C - Unauthenticated Information Disclosure (userManager.cgx)

[remote] Screen SFT DAB 600/C - Authentication Bypass Account Creation

Screen SFT DAB 600/C - Authentication Bypass Account Creation

[remote] Screen SFT DAB 600/C - Authentication Bypass Password Change

Screen SFT DAB 600/C - Authentication Bypass Password Change

[remote] Screen SFT DAB 600/C - Authentication Bypass Erase Account

Screen SFT DAB 600/C - Authentication Bypass Erase Account

[webapps] Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)

Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)

[webapps] PaperCut NG/MG 22.0.4 - Remote Code Execution (RCE)

PaperCut NG/MG 22.0.4 - Remote Code Execution (RCE)

[local] MobileTrans 4.0.11 - Weak Service Privilege Escalation

MobileTrans 4.0.11 - Weak Service Privilege Escalation

[webapps] Quicklancer v1.0 - SQL Injection

Quicklancer v1.0 - SQL Injection

[webapps] Apache Superset 2.0.0 - Authentication Bypass

Apache Superset 2.0.0 - Authentication Bypass

[webapps] Smart School v1.0 - SQL Injection

Smart School v1.0 - SQL Injection

[webapps] CiviCRM 5.59.alpha1 - Stored XSS (Cross-Site Scripting)

CiviCRM 5.59.alpha1 - Stored XSS (Cross-Site Scripting)

[local] Trend Micro OfficeScan Client 10.0 - ACL Service LPE

Trend Micro OfficeScan Client 10.0 - ACL Service LPE

[webapps] Prestashop 8.0.4 - CSV injection

Prestashop 8.0.4 - CSV injection

[local] Yank Note v3.52.1 (Electron) - Arbitrary Code Execution

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution

[webapps] PnPSCADA v2.x - Unauthenticated PostgreSQL Injection

PnPSCADA v2.x - Unauthenticated PostgreSQL Injection

[webapps] Affiliate Me Version 5.0.1 - SQL Injection

Affiliate Me Version 5.0.1 - SQL Injection

[webapps] e107 v2.3.2 - Reflected XSS

e107 v2.3.2 - Reflected XSS

[webapps] TinyWebGallery v2.5 - Remote Code Execution (RCE)

TinyWebGallery v2.5 - Remote Code Execution (RCE)

[webapps] Best POS Management System v1.0 - Unauthenticated Remote Code Execution

Best POS Management System v1.0 - Unauthenticated Remote Code Execution

[remote] Optoma 1080PSTX Firmware C02 - Authentication Bypass

Optoma 1080PSTX Firmware C02 - Authentication Bypass

[webapps] TinyWebGallery v2.5 - Stored Cross-Site Scripting (XSS)

TinyWebGallery v2.5 - Stored Cross-Site Scripting (XSS)

[webapps] Job Portal 1.0 - File Upload Restriction Bypass

Job Portal 1.0 - File Upload Restriction Bypass

[webapps] RockMongo 1.1.7 - Stored Cross-Site Scripting (XSS)

RockMongo 1.1.7 - Stored Cross-Site Scripting (XSS)

[dos] FLEX 1080 < 1085 Web 1.6.0 - Denial of Service

FLEX 1080

[remote] Epson Stylus SX510W Printer Remote Power Off - Denial of Service

Epson Stylus SX510W Printer Remote Power Off - Denial of Service

[webapps] Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting (XSS)

Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting (XSS)

[webapps] pluck v4.7.18 - Stored Cross-Site Scripting (XSS)

pluck v4.7.18 - Stored Cross-Site Scripting (XSS)

[webapps] Jedox 2022.4.2 - Remote Code Execution via Directory Traversal

Jedox 2022.4.2 - Remote Code Execution via Directory Traversal

[webapps] Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts

Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts

[webapps] KodExplorer v4.51.03 - Pwned-Admin File-Inclusion - Remote Code Execution (RCE)

KodExplorer v4.51.03 - Pwned-Admin File-Inclusion - Remote Code Execution (RCE)

[webapps] Ulicms-2023.1 sniffing-vicuna - Remote Code Execution (RCE)

Ulicms-2023.1 sniffing-vicuna - Remote Code Execution (RCE)

[local] Codigo Markdown Editor v1.0.1 (Electron) - Remote Code Execution

Codigo Markdown Editor v1.0.1 (Electron) - Remote Code Execution

[webapps] Wolf CMS 0.8.3.1 - Remote Code Execution (RCE)

Wolf CMS 0.8.3.1 - Remote Code Execution (RCE)

[webapps] Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls

Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls

[webapps] Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module

Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module

[webapps] Online Pizza Ordering System v1.0 - Unauthenticated File Upload

Online Pizza Ordering System v1.0 - Unauthenticated File Upload

[webapps] Cmaps v8.0 - SQL injection

Cmaps v8.0 - SQL injection

[webapps] Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path

Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path

[webapps] Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting (XSS)

Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting (XSS)

[webapps] Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks

Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks

[webapps] Jedox 2022.4.2 - Code Execution via RPC Interfaces

Jedox 2022.4.2 - Code Execution via RPC Interfaces

[webapps] EasyPHP Webserver 14.1 - Multiple Vulnerabilities (RCE and Path Traversal)

EasyPHP Webserver 14.1 - Multiple Vulnerabilities (RCE and Path Traversal)

[webapps] File Thingie 2.5.7 - Remote Code Execution (RCE)

File Thingie 2.5.7 - Remote Code Execution (RCE)

[webapps] PHPFusion 9.10.30 - Stored Cross-Site Scripting (XSS)

PHPFusion 9.10.30 - Stored Cross-Site Scripting (XSS)

[webapps] OpenEMR v7.0.1 - Authentication credentials brute force

OpenEMR v7.0.1 - Authentication credentials brute force

[webapps] admidio v4.2.5 - CSV Injection

admidio v4.2.5 - CSV Injection

[local] MilleGPG5 5.9.2 (Gennaio 2023) - Local Privilege Escalation / Incorrect Access Control

MilleGPG5 5.9.2 (Gennaio 2023) - Local Privilege Escalation / Incorrect Access Control

[webapps] Serendipity 2.4.0 - File Inclusion RCE

Serendipity 2.4.0 - File Inclusion RCE

[webapps] Companymaps v8.0 - Stored Cross Site Scripting (XSS)

Companymaps v8.0 - Stored Cross Site Scripting (XSS)

[webapps] SoftExpert (SE) Suite v2.1.3 - Local File Inclusion

SoftExpert (SE) Suite v2.1.3 - Local File Inclusion

[webapps] PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting (XSS)

PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting (XSS)

[webapps] GLPI 9.5.7 - Username Enumeration

GLPI 9.5.7 - Username Enumeration

[webapps] PHPJabbers Simple CMS 5.0 - SQL Injection

PHPJabbers Simple CMS 5.0 - SQL Injection

[local] FS-S3900-24T4S - Privilege Escalation

FS-S3900-24T4S - Privilege Escalation

[local] Advanced Host Monitor v12.56 - Unquoted Service Path

Advanced Host Monitor v12.56 - Unquoted Service Path

[webapps] phpMyFAQ v3.1.12 - CSV Injection

phpMyFAQ v3.1.12 - CSV Injection

[webapps] PHP Restaurants 1.0 - SQLi Authentication Bypass & Cross Site Scripting

PHP Restaurants 1.0 - SQLi Authentication Bypass & Cross Site Scripting