Security Vulnerabilities & Exploits

Daily Habit Tracker 1.0 - Broken Access Control

Daily Habit Tracker 1.0 - SQL Injection

Daily Habit Tracker 1.0 - Stored Cross-Site Scripting (XSS)

Employee Management System 1.0 - `txtusername` and `txtpassword` SQL Injection (Admin Login)

Employee Management System 1.0 - `txtfullname` and `txtphone` SQL Injection

LeptonCMS 7.0.0 - Remote Code Execution (RCE) (Authenticated)

FoF Pretty Mail 1.1.2 - Server Side Template Injection (SSTI)

FoF Pretty Mail 1.1.2 - Local File Inclusion (LFI)

Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation

Hospital Management System v1.0 - Stored Cross Site Scripting (XSS)

E-INSUARANCE v1.0 - Stored Cross Site Scripting (XSS)

Petrol Pump Management Software v1.0 - Remote Code Execution (RCE)

GL-iNet MT6000 4.5.5 - Arbitrary File Download

Rapid7 nexpose - 'nexposeconsole' Unquoted Service Path

OpenCart Core 4.0.2.3 - 'search' SQLi

ASUS Control Center Express 01.06.15 - Unquoted Service Path

Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated)

Simple Backup Plugin Python Exploit 2.7.10 - Path Traversal

Workout Journal App 1.0 Cross Site Scripting

Rapid7 nexpose vulnerability management software - 'nexposeconsole' Unquoted Service Path