Packet Storm

Queuing Simple Chatbot version 1.0 suffers from a remote shell upload vulnerability.

Profiling System version 1.0 suffers from a remote shell upload vulnerability.

Passion Responsive Blogging version 1.0 suffers from a cross site scripting vulnerability.

Online Survey System version 1.0 suffers from cross site scripting and remote file inclusion vulnerabilities.

Online Birth Certificate System version 1.0 suffers from an ignored default credential vulnerability.

Medical Card Generations System version 1.0 suffers from an ignored default credential vulnerability.

Emergency Ambulance Hiring Portal version 1.0 suffer from a WYSIWYG code injection vulnerability.

Printable Staff ID Card Creator System version 1.0 suffers from an insecure direct object reference vulnerability.

Proof of concept automation code to exploit a template injection vulnerability in GitHub repository sqlpad/sqlpad version prior to 6.10.1 that can result in remote code execution.

Proof of concept exploit for Spring Cloud Data Flow versions prior to 2.11.4 that achieves remote code execution through a malicious upload.