#auth

Blood Bank version 1.0 suffers from a persistent cross site scripting vulnerability.

The PsyRAT 0.01 malware listens on random high TCP ports 53297, 53211, 532116 and so forth. Connecting to an infected host returns a logon prompt for PASS. However, you can enter anything or nothing at all and execute commands made available by the backdoor.

Daily Habit Tracker version 1.0 suffers from an access control vulnerability.

Daily Habit Tracker version 1.0 suffers from a remote SQL injection vulnerability.

Daily Habit Tracker version 1.0 suffers from a persistent cross site scripting vulnerability.

Employee Management System version 1.0 suffers from additional remote SQL injection vulnerabilities. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.

WordPress Simple Backup plugin versions prior to 2.7.10 suffer from file download and path traversal vulnerabilities.

OpenCart Core version 4.0.2.3 suffers from a remote SQL injection vulnerability.

Online Hotel Booking in PHP version 1.0 suffers from a remote blind SQL injection vulnerability.

ASUS Control Center Express version 01.06.15 suffers from an unquoted service path vulnerability.