المساعد الشخصي الرقمي

مشاهدة النسخة كاملة : exploit database


الصفحات : [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68

  1. [local] Microsoft Windows cmd.exe - Stack Buffer Overflow
  2. [webapps] SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure
  3. [webapps] Pharmacy Point of Sale System 1.0 - SQLi Authentication BYpass
  4. [webapps] Budget and Expense Tracker System 1.0 - Arbitrary File Upload
  5. [webapps] Police Crime Record Management Project 1.0 - Time Based SQLi
  6. [webapps] WordPress Plugin Fitness Calculators 1.9.5 - Cross-Site Request Forgery (CS
  7. [webapps] WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cr
  8. [webapps] Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery (CSRF)
  9. [dos] Redragon Gaming Mouse - 'REDRAGON_MOUSE.sys' Denial-Of-Service (PoC)
  10. [webapps] Wordpress Plugin 3DPrint Lite 1.9.1.4 - Arbitrary File Upload
  11. [webapps] Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control
  12. [webapps] Sentry 8.2.0 - Remote Code Execution (RCE) (Authenticated)
  13. [webapps] Online Reviewer System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
  14. [webapps] Cloudron 6.2 - 'returnTo ' Cross Site Scripting (Reflected)
  15. [webapps] OpenCats 0.9.4-2 - 'docx ' XML External Entity Injection (XXE)
  16. [webapps] e107 CMS 2.3.0 - Remote Code Execution (RCE) (Authenticated)
  17. [local] TotalAV 5.15.69 - Unquoted Service Path
  18. [webapps] Filerun 2021.03.26 - Remote Code Execution (RCE) (Authenticated)
  19. [webapps] Simple Attendance System 1.0 - Unauthenticated Blind SQLi
  20. [dos] Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial-Of-Service (PoC)
  21. [webapps] WebsiteBaker 2.13.0 - Remote Code Execution (RCE) (Authenticated)
  22. [webapps] Budget and Expense Tracker System 1.0 - Remote Code Execution (RCE) (Unaut
  23. [webapps] Budget and Expense Tracker System 1.0 - Authenticated Bypass
  24. [webapps] Church Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated
  25. [webapps] Online Food Ordering System 2.0 - Remote Code Execution (RCE) (Unauthentic
  26. [webapps] WordPress 5.7 - 'Media Library' XML External Entity Injection (XXE) (Authen
  27. [webapps] T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery
  28. [webapps] Church Management System 1.0 - 'search' SQL Injection (Unauthenticated)
  29. [webapps] Library Management System 1.0 - Blind Time-Based SQL Injection (Unauthentic
  30. [webapps] Simple Attendance System 1.0 - Authenticated bypass
  31. [webapps] WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass
  32. [webapps] ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated)
  33. [webapps] Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated
  34. [webapps] Evolution CMS 3.1.6 - Remote Code Execution (RCE) (Authenticated)
  35. [webapps] AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
  36. [webapps] Purchase Order Management System 1.0 - Authentication Bypass
  37. [webapps] Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)
  38. [webapps] Purchase Order Management System 1.0 - Remote File Upload
  39. [webapps] ECOA Building Automation System - Remote Privilege Escalation
  40. [webapps] ECOA Building Automation System - Local File Disclosure
  41. [webapps] ECOA Building Automation System - Arbitrary File Deletion
  42. [webapps] Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload
  43. [webapps] Apartment Visitor Management System (AVMS) 1.0 - SQLi to RCE
  44. [local] Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai
  45. [webapps] ECOA Building Automation System - Path Traversal Arbitrary File Upload
  46. [webapps] ECOA Building Automation System - Directory Traversal Content Disclosure
  47. [webapps] ECOA Building Automation System - 'multiple' Cross-Site Request Forgery (CS
  48. [webapps] ECOA Building Automation System - Cookie Poisoning Authentication Bypass
  49. [webapps] ECOA Building Automation System - Configuration Download Information Disclo
  50. [webapps] ECOA Building Automation System - Hidden Backdoor Accounts and backdoor() F
  51. [remote] ECOA Building Automation System - Hard-coded Credentials SSH Access
  52. [local] ECOA Building Automation System - Missing Encryption Of Sensitive Information
  53. [local] Active WebCam 11.5 - Unquoted Service Path
  54. [webapps] Men Salon Management System 1.0 - Multiple Vulnerabilities
  55. [webapps] ECOA Building Automation System - Weak Default Credentials
  56. [webapps] Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (X
  57. [webapps] WordPress Plugin TablePress 1.14 - CSV Injection
  58. [webapps] WordPress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection (2)
  59. [webapps] WordPress Plugin WP Sitemap Page 1.6.4 - Stored Cross-Site Scripting (XSS)
  60. [webapps] Antminer Monitor 0.5.0 - Authentication Bypass
  61. [webapps] OpenEMR 6.0.0 - 'noteid' Insecure Direct Object Reference (IDOR)
  62. [local] Argus Surveillance DVR 4.0 - Unquoted Service Path
  63. [webapps] FlatCore CMS 2.0.7 - Remote Code Execution (RCE) (Authenticated)
  64. [webapps] Bus Pass Management System 1.0 - 'viewid' Insecure direct object references
  65. [webapps] Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Re
  66. [webapps] Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS
  67. [dos] SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service
  68. [webapps] OpenSIS 8.0 'modname' - Directory/Path Traversal
  69. [local] Remote Mouse 4.002 - Unquoted Service Path
  70. [webapps] WordPress Plugin Duplicate Page 4.4.1 - Stored Cross-Site Scripting (XSS)
  71. [webapps] WPanel 4.3.1 - Remote Code Execution (RCE) (Authenticated)
  72. [webapps] Compro Technology IP Camera - ' mjpegStreamer.cgi' Screenshot Disclosure
  73. [webapps] Compro Technology IP Camera - ' index_MJpeg.cgi' Stream Disclosure
  74. [webapps] Compro Technology IP Camera - 'Multiple' Credential Disclosure
  75. [webapps] Compro Technology IP Camera - RTSP stream disclosure (Unauthenticated)
  76. [webapps] Compro Technology IP Camera - 'killps.cgi' Denial-of-Service (DoS)
  77. [webapps] Dolibarr ERP/CRM 14.0.1 - Privilege Escalation
  78. [webapps] OpenSIS Community 8.0 - 'cp_id_miss_attn' SQL Injection
  79. [dos] Telegram Desktop 2.9.2 - Denial of Service (PoC)
  80. [webapps] WordPress Plugin Payments Plugin | GetPaid 2.4.6 - HTML Injection
  81. [webapps] Traffic Offense Management System 1.0 - SQLi to Remote Code Execution (RCE)
  82. [webapps] Confluence Server 7.12.4 - 'OGNL injection' Remote Code Execution (RCE) (Un
  83. [webapps] Umbraco CMS 8.9.1 - Path traversal and Arbitrary File Write (Authenticated)
  84. [webapps] WordPress Plugin ProfilePress 3.1.3 - Privilege Escalation (Unauthenticated
  85. [webapps] Strapi CMS 3.0.0-beta.17.4 - Remote Code Execution (RCE) (Unauthenticated)
  86. [webapps] Projectsend r1295 - 'name' Stored XSS
  87. [webapps] Strapi 3.0.0-beta.17.7 - Remote Code Execution (RCE) (Authenticated)
  88. [webapps] Strapi 3.0.0-beta - Set Password (Unauthenticated)
  89. [local] MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalati
  90. [webapps] ZesleCP 3.1.9 - Remote Code Execution (RCE) (Authenticated)
  91. [webapps] Usermin 1.820 - Remote Code Execution (RCE) (Authenticated)
  92. [webapps] Bus Pass Management System 1.0 - 'viewid' SQL Injection
  93. [webapps] COMMAX UMS Client ActiveX Control 1.7.0.2 - 'CNC_Ctrl.dll' Heap Buffer Over
  94. [webapps] COMMAX WebViewer ActiveX Control 2.1.4.5 - 'Commax_WebViewer.ocx' Buffer Ov
  95. [webapps] CyberPanel 2.1 - Remote Code Execution (RCE) (Authenticated)
  96. [webapps] ProcessMaker 3.5.4 - Local File inclusion
  97. [webapps] Online Leave Management System 1.0 - Arbitrary File Upload to Shell (Unauth
  98. [webapps] HP OfficeJet 4630/7110 MYM1FN2025AR/2117A - Stored Cross-Site Scripting (XS
  99. [webapps] WordPress Plugin Mail Masta 1.0 - Local File Inclusion (2)
  100. [webapps] RaspAP 2.6.6 - Remote Code Execution (RCE) (Authenticated)
  101. [webapps] Simple Phone book/directory 1.0 - 'Username' SQL Injection (Unauthenticated
  102. [webapps] Online Traffic Offense Management System 1.0 - Remote Code Execution (RCE)
  103. [webapps] Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Script
  104. [webapps] Online Traffic Offense Management System 1.0 - 'id' SQL Injection (Authenti
  105. [webapps] Laundry Booking Management System 1.0 - 'Multiple' SQL Injection
  106. [webapps] Charity Management System CMS 1.0 - Multiple Vulnerabilities
  107. [webapps] Simple Image Gallery 1.0 - Remote Code Execution (RCE) (Unauthenticated)
  108. [webapps] COVID19 Testing Management System 1.0 - 'Multiple' SQL Injections
  109. [remote] crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow
  110. [webapps] Crime records Management System 1.0 - 'Multiple' SQL Injection (Authenticat
  111. [webapps] GeoVision Geowebserver 5.3.3 - LFI / XSS / HHI / RCE
  112. [local] SonicWall NetExtender 10.2.0.300 - Unquoted Service Path
  113. [webapps] Simple Water Refilling Station Management System 1.0 - Authentication Bypas
  114. [webapps] Simple Water Refilling Station Management System 1.0 - Remote Code Executio
  115. [webapps] COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass
  116. [webapps] COMMAX Smart Home IoT Control System CDP-1020n - SQL Injection Authenticati
  117. [webapps] COMMAX Smart Home Ruvie CCTV Bridge DVR Service - RTSP Credentials Disclosu
  118. [webapps] COMMAX Smart Home Ruvie CCTV Bridge DVR Service - Config Write / DoS (Unaut
  119. [webapps] COMMAX CVD-Axx DVR 5.1.4 - Weak Default Credentials Stream Disclosure
  120. [webapps] NetGear D1500 V1.0.0.21_1.0.1PE - 'Wireless Repeater' Stored Cross-Site Scr
  121. [webapps] CentOS Web Panel 0.9.8.1081 - Stored Cross-Site Scripting (XSS)
  122. [webapps] Care2x Open Source Hospital Information Management 2.7 Alpha - 'Multiple' S
  123. [webapps] Simple Image Gallery System 1.0 - 'id' SQL Injection
  124. [webapps] RATES SYSTEM 1.0 - Authentication Bypass
  125. [webapps] easy-mock 1.6.0 - Remote Code Execution (RCE) (Authenticated)
  126. [webapps] Police Crime Record Management System 1.0 - 'Multiple' Stored Cross-Site Sc
  127. [webapps] Police Crime Record Management System 1.0 - 'casedetails' SQL Injection
  128. [webapps] 4images 1.8 - 'limitnumber' SQL Injection (Authenticated)
  129. [webapps] RATES SYSTEM 1.0 - 'Multiple' SQL Injections
  130. [webapps] COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection
  131. [webapps] Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)
  132. [webapps] Simple Library Management System 1.0 - 'rollno' SQL Injection
  133. [local] Xiaomi browser 10.2.4.g - Browser Search History Disclosure
  134. [webapps] WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via
  135. [webapps] WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Si
  136. [webapps] IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
  137. [local] Amica Prodigy 1.7 - Privilege Escalation
  138. [webapps] Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injectio
  139. [webapps] CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
  140. [webapps] Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
  141. [webapps] GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauth
  142. [webapps] ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserializ
  143. [webapps] qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)
  144. [webapps] qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
  145. [webapps] Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
  146. [webapps] WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-
  147. [webapps] Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upl
  148. [webapps] Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Cha
  149. [webapps] Men Salon Management System 1.0 - SQL Injection Authentication Bypass
  150. [remote] Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)
  151. [webapps] Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
  152. [webapps] IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration
  153. [webapps] Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection
  154. [webapps] CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution
  155. [webapps] Oracle Fatwire 6.3 - Multiple Vulnerabilities
  156. [webapps] Denver IP Camera SHO-110 - Unauthenticated Snapshot
  157. [webapps] Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download
  158. [webapps] Event Registration System with QR Code 1.0 - Authentication Bypass & RCE
  159. [remote] Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)
  160. [webapps] TripSpark VEO Transportation - Blind SQL Injection
  161. [webapps] Customer Relationship Management System (CRM) 1.0 - Sql Injection Authentic
  162. [webapps] PHP 7.3.15-3 - 'PHP_SESSION_UPLOAD_PROGRESS' Session Data Injection
  163. [webapps] XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion (Authenticated)
  164. [dos] Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC)
  165. [webapps] NoteBurner 2.35 - Denial Of Service (DoS) (PoC)
  166. [webapps] Elasticsearch ECE 7.13.3 - Anonymous Database Dump
  167. [webapps] Microsoft SharePoint Server 2019 - Remote Code Execution (2)
  168. [webapps] WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting
  169. [webapps] ElasticSearch 7.13.3 - Memory disclosure
  170. [webapps] KevinLAB BEMS 1.0 - Unauthenticated SQL Injection / Authentication Bypass
  171. [webapps] KevinLAB BEMS 1.0 - File Path Traversal Information Disclosure (Authenticat
  172. [webapps] CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion
  173. [remote] KevinLAB BEMS 1.0 - Undocumented Backdoor Account
  174. [webapps] WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Sc
  175. [webapps] Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF)
  176. [webapps] PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection
  177. [webapps] Dolibarr ERP/CRM 10.0.6 - Login Brute Force
  178. [webapps] WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored
  179. [webapps] WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation
  180. [webapps] WordPress Plugin LearnPress 3.2.6.7 - 'current_items' SQL Injection (Authen
  181. [local] Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation
  182. [remote] Aruba Instant (IAP) - Remote Code Execution
  183. [remote] Aruba Instant 8.7.1.0 - Arbitrary File Modification
  184. [webapps] Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection
  185. [webapps] ForgeRock Access Manager/OpenAM 14.6.3 - Remote Code Execution (RCE) (Unaut
  186. [local] Argus Surveillance DVR 4.0 - Weak Password Encryption
  187. [webapps] WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution (RCE) (Authent
  188. [webapps] osCommerce 2.3.4.1 - Remote Code Execution (2)
  189. [webapps] Webmin 1.973 - Cross-Site Request Forgery (CSRF)
  190. [webapps] WordPress Plugin Current Book 1.0.1 - 'Book Title and Author field' Stored
  191. [webapps] Garbage Collection Management System 1.0 - SQL Injection + Arbitrary File U
  192. [webapps] WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site S
  193. [webapps] OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated)
  194. [webapps] Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
  195. [webapps] Apache Tomcat 9.0.0.M1 - Open Redirect
  196. [webapps] Apache Tomcat 9.0.0.M1 - Cross-Site Scripting (XSS)
  197. [webapps] Church Management System 1.0 - SQL Injection (Authentication Bypass) + Arbi
  198. [webapps] Zoo Management System 1.0 - 'Multiple' Stored Cross-Site-Scripting (XSS)
  199. [webapps] Wyomind Help Desk 1.3.6 - Remote Code Execution (RCE)
  200. [webapps] Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Re
  201. [webapps] Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution
  202. [webapps] Exam Hall Management System 1.0 - Unrestricted File Upload + RCE (Unauthent
  203. [webapps] Employee Record Management System 1.2 - Stored Cross-Site Scripting (XSS)
  204. [webapps] WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Executio
  205. [webapps] Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated) (2)
  206. [webapps] Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind
  207. [webapps] Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation
  208. [webapps] Phone Shop Sales Managements System 1.0 - Authentication Bypass (SQLi)
  209. [webapps] Phone Shop Sales Managements System 1.0 - 'Multiple' Arbitrary File Upload
  210. [webapps] WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 - Di
  211. [webapps] Netgear DGN2200v1 - Remote Command Execution (RCE) (Unauthenticated)
  212. [webapps] Black Box Kvm Extender 3.4.31307 - Local File Inclusion
  213. [webapps] Pallets Werkzeug 0.15.4 - Path Traversal
  214. [webapps] Billing System Project 1.0 - Remote Code Execution (RCE) (Unauthenticated)
  215. [webapps] Exam Hall Management System 1.0 - Unrestricted File Upload (Unauthenticated
  216. [webapps] perfexcrm 1.10 - 'State' Stored Cross-site scripting (XSS)
  217. [webapps] Visual Tools DVR VX16 4.2.28.0 - OS Command Injection
  218. [webapps] WordPress Plugin WP Learn Manager 1.1.2 - Stored Cross-Site Scripting (XSS)
  219. [webapps] OpenEMR 5.0.1.7 - 'fileName' Path Traversal (Authenticated) (2)
  220. [webapps] Online Voting System 1.0 - SQLi (Authentication Bypass) + Remote Code Execu
  221. [webapps] Online Birth Certificate System 1.1 - 'Multiple' Stored Cross-Site Scriptin
  222. [webapps] Church Management System 1.0 - Unrestricted File Upload to Remote Code Exec
  223. [webapps] Church Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
  224. [webapps] Church Management System 1.0 - 'password' SQL Injection (Authentication Byp
  225. [webapps] Wordpress Plugin Backup Guard 1.5.8 - Remote Code Execution (Authenticated)
  226. [webapps] Simple Client Management System 1.0 - Remote Code Execution (RCE)
  227. [webapps] TextPattern CMS 4.9.0-dev - Remote Command Execution (RCE) (Authenticated)
  228. [webapps] Ricon Industrial Cellular Router S9922XL - Remote Command Execution (RCE)
  229. [webapps] Wordpress Plugin Modern Events Calendar 5.16.2 - Event export (Unauthentica
  230. [webapps] Garbage Collection Management System 1.0 - SQL Injection (Unauthenticated)
  231. [webapps] Scratch Desktop 3.17 - Cross-Site Scripting/Remote Code Execution (XSS/RCE)
  232. [local] WinWaste.NET 1.0.6183.16475 - Privilege Escalation due Incorrect Access Contr
  233. [webapps] AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting (XSS)
  234. [webapps] b2evolution 7.2.2 - 'edit account details' Cross-Site Request Forgery (CSRF
  235. [webapps] Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution (Aut
  236. [webapps] Vianeos OctoPUS 5 - 'login_user' SQLi
  237. [webapps] Online Voting System 1.0 - Authentication Bypass (SQLi)
  238. [webapps] Online Voting System 1.0 - Remote Code Execution (Authenticated)
  239. [webapps] Wordpress Plugin XCloner 4.2.12 - Remote Code Execution (Authenticated)
  240. [webapps] Doctors Patients Management System 1.0 - SQL Injection (Authentication Bypa
  241. [webapps] phpAbook 0.9i - SQL Injection
  242. [webapps] Apache Superset 1.1.0 - Time-Based Account Enumeration
  243. [webapps] Simple Traffic Offense System 1.0 - Stored Cross Site Scripting (XSS)
  244. [remote] ES File Explorer 4.1.9.7.4 - Arbitrary File Read
  245. [webapps] WordPress Plugin YOP Polls 6.2.7 - Stored Cross Site Scripting (XSS)
  246. [webapps] SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting (XSS)
  247. [webapps] Atlassian Jira Server/Data Center 8.16.0 - Reflected Cross-Site Scripting (
  248. [webapps] Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution (RCE) (Unauthent
  249. [webapps] Simple Client Management System 1.0 - 'uemail' SQL Injection (Unauthenticat
  250. [webapps] Lightweight facebook-styled blog 1.3 - Remote Code Execution (RCE) (Authent