AWBS version 2.9.6 suffers from remote SQL injection and cross site scripting vulnerabilities.
1675afe8e039059668317602ec43e19933d8f670b5ec636629c17e9161d7743b
eCardMAX version 10.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
5f8de22c048b71098b35ba1e93cbe3c2fa763ab62088181de333bfc3b4e6b4a4
iBilling version 3.7.0 suffers from multiple stored and reflective cross site scripting vulnerabilities.
90c8a074050732437227d5b545e662c2703b13765c44c9ecfda872f7e4a5d9d0
couponPHP version 2.1 suffers from persistent and reflective cross site scripting vulnerabilities.
613a71e62224a9167b08b5ffb76111090d789619fb9da87b49f160d644c9b11e
Real Estate Portal version 4.1 suffers from multiple persistent cross site scripting vulnerabilities.
132b0a88c9bf85e088ae6a14d8bc97646acfe63f65b9b9e78602d0d7fc6e2ff9
Real Estate Portal version 4.1 suffers from a remote code execution vulnerability via a remote shell upload.
ee40d9bcfcc0351770d9249cb68627f2796fa878c95e2755270299d38b835caa
EduSec version 4.2.5 suffers from multiple remote SQL injection vulnerabilities.
ae2fb04d350828c0760dafcadaba1d40df871f24f55e80016a0916e53bf4cf74
JobScript suffers from an authenticated arbitrary PHP code execution. The vulnerability is caused due to the improper verification of uploaded files in '/admin-ajax.php' script thru the 'name' and 'file' POST parameters. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file with '.php' extension (to bypass the '.htaccess' block rule) that will be stored in '/jobmonster/wp-content/uploads/jobmonster/' directory.
ebbd14e9080ce7820b95b2208012010a9a83d14e9f97841c699bfbe6706716ab
JobScript suffers from an open redirection vulnerability.
e346964b5931d627f76776af0fec044f2c71e336366251548304f0d59283e2f0
iScripts EasyCreate version 3.0 remote code execution exploit.
f9eba4403db1851e2983b19c6120edd812642398ce364387499ea02c62b073c8
iScripts EasyCreate version 3.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
51ba21e8c993b54fdc5c2aaa20bde5026d37b022b8f86570e770abcecf88e995
ManageEngine Application Manager version 12.5 remote command execution exploit.
6355b7805d4ba71134fdfc1fc894d635b1554fa08262595f875feac17295241a
ManageEngine Application Manager 12 suffers from cross site request forgery, privilege escalation, and cross site scripting vulnerabilities.
4ccfcab1a810d64d10215297cc28434df83757d2454551e4b8388ea322be6d40
Realtyna RPL suffers from multiple SQL Injection vulnerabilities. Input passed via multiple POST parameters is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
711cc873d9f03c97d0b1aff0b9423799ea4457bd355199d1d787cb915373136c
Zeeways CMS suffers from cross site scripting and traversal vulnerabilities.
25f2882778c7764dfb5ea41846a44afd5013bb2e206de28d9a888cc2287aa58c