Devika v1 - Path Traversal via 'snapshot_path'
Textpattern 4.8.8 - Remote Code Execution (RCE) (Authenticated)
Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution (RCE) (Authenticated)
T-Soft E-Commerce 4 - SQLi (Authenticated)
T-Soft E-Commerce 4 - 'UrunAdi' Stored Cross-Site Scripting (XSS)
Cab Management System 1.0 - Remote Code Execution (RCE) (Authenticated)
Cab Management System 1.0 - 'id' SQLi (Authenticated)
Accounting Journal Management System 1.0 - 'id' SQLi (Authenticated)
T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery (CSRF)
b2evolution 7.2.2 - 'edit account details' Cross-Site Request Forgery (CSRF)
TypeSetter 5.1 - CSRF (Change admin e-mail)
Textpattern CMS 4.6.2 - Cross-site Request Forgery
Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting
Typesetter CMS 5.1 - 'Site Title' Persistent Cross-Site Scripting
Flatpress Add Blog 1.0.3 - Persistent Cross-Site Scripting
![$site['logo_alt']](/img/neosense-logo.png){kind=logo}
NeoSense » Exploits Search Engine
NeoSense » Exploits Search Engine