AWebServer GhostBuilding 18 - Denial of Service (DoS)

Hostel Management System 2.1 - Cross Site Scripting (XSS)

Nettmp NNT 5.1 - SQLi Authentication Bypass

SAFARI Montage 8.5 - Reflected Cross Site Scripting (XSS)

Library System in PHP 1.0 - 'publisher name' Stored Cross-Site Scripting (XSS)

WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read (Unauthenticated)

Online Admission System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Movie Rating System 1.0 - SQLi to RCE (Unauthenticated)

Movie Rating System 1.0 - Broken Access Control (Admin Account Creation) (Unauthenticated)

Accu-Time Systems MAXIMUS 1.0 - Telnet Remote Buffer Overflow (DoS)

WordPress Plugin WP Visitor Statistics 4.7 - SQL Injection

ConnectWise Control 19.2.24707 - Username Enumeration

WordPress Plugin Contact Form Entries 1.1.6 - Cross Site Scripting (XSS) (Unauthenticated)

RiteCMS 3.1.0 - Remote Code Execution (RCE) (Authenticated)

RiteCMS 3.1.0 - Arbitrary File Deletion (Authenticated)

RiteCMS 3.1.0 - Arbitrary File Overwrite (Authenticated)

Siemens S7 Layer 2 - Denial of Service (DoS)

CMSimple 5.4 - Cross Site Scripting (XSS)

Exponent CMS 2.6 - Multiple Vulnerabilities

phpKF CMS 3.00 Beta y6 - Remote Code Execution (RCE) (Unauthenticated)

WBCE CMS 1.5.1 - Admin Password Reset

Arunna 1.0.0 - 'Multiple' Cross-Site Request Forgery (CSRF)

Croogo 3.0.2 - 'Multiple' Stored Cross-Site Scripting (XSS)

Croogo 3.0.2 - Unrestricted File Upload

Cibele Thinfinity VirtualUI 2.5.41.0 - User Enumeration

Oliver Library Server v5 - Arbitrary File Download

Microsoft Internet Explorer / ActiveX Control - Security Bypass

Online Thesis Archiving System 1.0 - SQLi Authentication Bypass

meterN v1.2.3 - Remote Code Execution (RCE) (Authenticated)

Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery (CSRF)

Booked Scheduler 2.7.5 - Remote Command Execution (RCE) (Authenticated)

WordPress Plugin Typebot 1.4.3 - Stored Cross Site Scripting (XSS) (Authenticated)

Apache Log4j 2 - Remote Code Execution (RCE)

Laravel Valet 2.0.3 - Local Privilege Escalation (macOS)

Apache Log4j2 2.14.1 - Information Disclosure

WebHMI 4.0 - Remote Code Execution (RCE) (Authenticated)

HD-Network Real-time Monitoring System 2.0 - Local File Inclusion (LFI)

Free School Management Software 1.0 - Remote Code Execution (RCE)

Free School Management Software 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)

OpenCATS 0.9.4 - Remote Code Execution (RCE)

Employees Daily Task Management System 1.0 - 'multiple' Cross Site Scripting (XSS)

Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass

Grafana 8.3.0 - Directory Traversal and Arbitrary File Read

Wordpress Plugin Catch Themes Demo Import 1.6.1 - Remote Code Execution (RCE) (Authenticated)

Student Management System 1.0 - SQLi Authentication Bypass

TestLink 1.19 - Arbitrary File Download (Unauthenticated)

Raspberry Pi 5.10 - Default Credentials

MTPutty 1.0.1.21 - SSH Password Disclosure

LimeSurvey 5.2.4 - Remote Code Execution (RCE) (Authenticated)

Chikitsa Patient Management System 2.0.2 - 'backup' Remote Code Execution (RCE) (Authenticated)

Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution (RCE) (Authenticated)

Chikitsa Patient Management System 2.0.2 - Remote Code Execution (RCE) (Authenticated)

Croogo 3.0.2 - Remote Code Execution (Authenticated)

Auerswald COMpact 8.0B - Multiple Backdoors

Auerswald COMpact 8.0B - Arbitrary File Disclosure

Auerswald COMpact 8.0B - Privilege Escalation

HCL Lotus Notes V12 - Unquoted Service Path

Auerswald COMfortel 2.8F - Authentication Bypass

WordPress Plugin DZS Zoomsounds 6.45 - Arbitrary File Read (Unauthenticated)

WordPress Plugin Slider by Soliloquy 2.6.2 - 'title' Stored Cross Site Scripting (XSS) (Authenticated)