The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitize and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue.
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue.
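Both of the entries above describe the same defect: a WordPress AJAX action that drops a request parameter straight into a SQL statement. The following is an added illustration, not code from Modern Events Calendar Lite or RegistrationMagic; the table, columns, action name and function names are hypothetical. It shows the vulnerable pattern next to the fix with `$wpdb->prepare()`.

```php
<?php
// Added example (not code from either plugin): an unauthenticated WordPress AJAX
// handler that interpolates a request parameter into SQL, beside a hardened version.
// Table name, column names, action name and function names are hypothetical.

// Vulnerable: the `time` parameter goes into the query unchanged, so a value such as
//   0 UNION SELECT user_login, user_pass, 3 FROM wp_users
// becomes part of the statement. Registered for logged-out users via wp_ajax_nopriv_.
function example_load_events_vulnerable() {
    global $wpdb;
    $time = isset( $_REQUEST['time'] ) ? $_REQUEST['time'] : 0;
    $sql  = "SELECT id, title, start_time FROM {$wpdb->prefix}example_events WHERE start_time >= " . $time;
    $rows = $wpdb->get_results( $sql, ARRAY_A );
    wp_send_json( $rows );
}

// Hardened: coerce the parameter to the type the query expects and bind it with
// $wpdb->prepare(). A value that is not an integer cannot alter the statement.
function example_load_events_fixed() {
    global $wpdb;
    $time = isset( $_REQUEST['time'] ) ? absint( $_REQUEST['time'] ) : 0;
    $sql  = $wpdb->prepare(
        "SELECT id, title, start_time FROM {$wpdb->prefix}example_events WHERE start_time >= %d",
        $time
    );
    $rows = $wpdb->get_results( $sql, ARRAY_A );
    wp_send_json( $rows );
}

// When the value has to be a string (a date such as 2024-01-31), validate its shape
// and bind it with %s; prepare() escapes it. Never build the placeholder list or the
// table/column names from user input, because prepare() does not protect those.
function example_load_events_by_date() {
    global $wpdb;
    $date = isset( $_REQUEST['date'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['date'] ) ) : '';
    if ( ! preg_match( '/^\d{4}-\d{2}-\d{2}$/', $date ) ) {
        wp_send_json_error( 'invalid date', 400 );
    }
    $rows = $wpdb->get_results(
        $wpdb->prepare(
            "SELECT id, title FROM {$wpdb->prefix}example_events WHERE DATE(start_time) = %s",
            $date
        ),
        ARRAY_A
    );
    wp_send_json( $rows );
}

// Register only the fixed handler. The nopriv hook is what makes the action reachable
// without logging in; drop it unless anonymous visitors genuinely need the endpoint.
add_action( 'wp_ajax_example_load_events',        'example_load_events_fixed' );
add_action( 'wp_ajax_nopriv_example_load_events', 'example_load_events_fixed' );
```

When reviewing a plugin for this bug, grep for `wp_ajax_nopriv_` registrations and follow each callback to every `$wpdb->query`, `get_results`, `get_var` or `get_row` call; any string built with `.` or `"{$var}"` from `$_GET`, `$_POST` or `$_REQUEST` data that is not wrapped in `prepare()` is a candidate.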
This exploit allows an attacker to perform a SQL injection attack against phpIPAM version 1.4.4.
Landa Driving School Management System version 2.0.1 allows registered users to upload arbitrary files, including .php5 files, in the attachments section. The upload request can be intercepted with Burp Suite and its raw contents edited before it is sent; the uploaded file can then be reached directly by its URL.
Multiple reflected cross-site scripting vulnerabilities in Affiliate Pro - Affiliate Management System v1.7.
The Vulnerability Laboratory Core Research Team discovered a persistent (stored) cross-site scripting vulnerability in the Rocket LMS v1.1 CMS.
The Vulnerability Laboratory Core Research Team discovered multiple non-persistent (reflected) cross-site scripting vulnerabilities in the uDoctorAppointment script web application.
A PHP web shell can be uploaded as a bot_avatar, user_avatar, or image file.
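The Landa attachments issue above and this avatar upload share one root cause: the server decides what it will accept by looking at the filename the client chose. The following is an added example, not code from either application; the upload directory, field layout and function names are hypothetical. It shows a blocklist check of the kind that lets `.php5` through next to an allowlist handler that also verifies content and renames the file.

```php
<?php
// Added example (not code from Landa or the avatar-upload application): the kind of
// extension check that lets .php5 through, beside an allowlist-based handler.
// $file is one entry of $_FILES; $dir and the function names are hypothetical.

// Vulnerable: a blocklist of "dangerous" extensions. .php5, .phtml and .phar pass,
// and many Apache setups hand those to the PHP interpreter. The client-supplied
// name is kept, so the attacker also chooses the final path.
function save_attachment_vulnerable( array $file, string $dir ): string {
    $name = basename( $file['name'] );
    $ext  = strtolower( pathinfo( $name, PATHINFO_EXTENSION ) );
    if ( in_array( $ext, [ 'php', 'exe' ], true ) ) {
        throw new RuntimeException( 'forbidden extension' );
    }
    $dest = $dir . '/' . $name;
    move_uploaded_file( $file['tmp_name'], $dest );
    return $dest;
}

// Hardened: allowlist the extension, check the real content type with finfo, give
// the file a random server-chosen name, and keep $dir outside the web root so that
// nothing stored there is ever executed (serve it through a download script).
function save_attachment_fixed( array $file, string $dir ): string {
    if ( $file['error'] !== UPLOAD_ERR_OK || ! is_uploaded_file( $file['tmp_name'] ) ) {
        throw new RuntimeException( 'upload failed' );
    }
    $allowed = [
        'pdf' => 'application/pdf',
        'png' => 'image/png',
        'jpg' => 'image/jpeg',
    ];
    $ext = strtolower( pathinfo( $file['name'], PATHINFO_EXTENSION ) );
    if ( ! isset( $allowed[ $ext ] ) ) {
        throw new RuntimeException( 'extension not allowed' );
    }
    $mime = ( new finfo( FILEINFO_MIME_TYPE ) )->file( $file['tmp_name'] );
    if ( $mime !== $allowed[ $ext ] ) {
        throw new RuntimeException( 'content does not match extension' );
    }
    $dest = $dir . '/' . bin2hex( random_bytes( 16 ) ) . '.' . $ext;
    if ( ! move_uploaded_file( $file['tmp_name'], $dest ) ) {
        throw new RuntimeException( 'could not store file' );
    }
    return $dest;
}
```

The MIME check is a second layer, not the primary control: a valid PNG can carry PHP in its metadata and still pass `finfo`. What actually prevents execution is that the stored file keeps a non-script extension the server chose and lives in a directory the web server never executes from.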
The application allows directory listing and discloses some sensitive files; an attacker can use the disclosed information to gain full BMS access.
The application interface allows users to perform certain actions via HTTP requests without validating that the requests were intentionally issued by the user, that is, without any anti-CSRF check. This can be exploited to perform actions with administrative privileges if a logged-in user visits a malicious web site.
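To make the preceding entry concrete, here is an added example (not code from the application described) of a state-changing handler with no request validation next to one protected by a per-session token. The endpoint, field names and the `create_user` helper are hypothetical.

```php
<?php
// Added example (not code from the application in the advisory): an administrative
// action with no request validation, beside one that requires a per-session token.
// Endpoint, field names and create_user() are hypothetical.

session_start();

// Hypothetical application action; stands in for whatever the real handler does.
function create_user( string $username, string $role ): void {
    error_log( "created $username with role $role" );
}

// Vulnerable: any page the logged-in admin visits can submit this form in the
// background. The browser attaches the session cookie and the action runs.
function add_user_vulnerable( array $request ): void {
    if ( empty( $_SESSION['is_admin'] ) ) {
        http_response_code( 403 );
        return;
    }
    create_user( $request['username'], $request['role'] );
}

// Token issued once per session and embedded in every form the application renders.
// A cross-site page cannot read it, so it cannot forge a request that carries it.
function csrf_token(): string {
    if ( empty( $_SESSION['csrf'] ) ) {
        $_SESSION['csrf'] = bin2hex( random_bytes( 32 ) );
    }
    return $_SESSION['csrf'];
}

// Hardened: POST only, token compared in constant time, and Origin/Referer checked
// against the request host as a second line of defence.
function add_user_fixed( array $request, array $server ): void {
    if ( empty( $_SESSION['is_admin'] ) ) {
        http_response_code( 403 );
        return;
    }
    if ( ( $server['REQUEST_METHOD'] ?? '' ) !== 'POST' ) {
        http_response_code( 405 );
        return;
    }
    $sent = $request['csrf_token'] ?? '';
    if ( ! is_string( $sent ) || ! hash_equals( csrf_token(), $sent ) ) {
        http_response_code( 403 );
        return;
    }
    $origin = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? '';
    $host   = explode( ':', $server['HTTP_HOST'] ?? '' )[0]; // HTTP_HOST may carry a port
    if ( $origin !== '' && parse_url( $origin, PHP_URL_HOST ) !== $host ) {
        http_response_code( 403 );
        return;
    }
    create_user( $request['username'], $request['role'] );
}

// The form carries the token in a hidden field; output is escaped for HTML.
function render_add_user_form(): string {
    $t = htmlspecialchars( csrf_token(), ENT_QUOTES, 'UTF-8' );
    return '<form method="post" action="/admin/add_user.php">'
         . '<input type="hidden" name="csrf_token" value="' . $t . '">'
         . '<input name="username"><input name="role"><button>Add</button></form>';
}
```

Setting the session cookie with `SameSite=Lax` or `Strict` (via `session_set_cookie_params()` before `session_start()`) cuts off most cross-site submissions as well, but the token check stays: SameSite depends on browser support and on the cookie being the only thing the handler trusts.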