admin
# Exploit Title: GetSimple CMS My SMTP Contact Plugin 1.1.2 - CSRF to Stored XSS to RCE...
webapps
# Exploit Title: Moodle 3.10.3 - 'url' Persistent Cross Site Scripting # Date: 22/04/2021 # Exploit Author:...
# Exploit Title: CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting (XSS) # Date: 2021/03/19 # Exploit...
# Exploit Title: OTRS 6.0.1 - Remote Command Execution (2) # Date: 21-04-2021 # Exploit Author: Hex_26...
# Exploit Title: BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting (XSS) # Date: 04/07/2021 # Exploit...
# Exploit Title: Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass # Date: 14/01/2021 #...
# Exploit Title: WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS) # Date:...
# Exploit Title: Fast PHP Chat 1.3 - 'my_item_search' SQL Injection # Date: 15/04/2021 # Exploit Author:...
# Exploit Title: RemoteClinic 2 - 'Multiple' Cross-Site Scripting (XSS) # Exploit Author: nu11secur1ty # Debug: g3ck0dr1v3r...
[*] [*]# Exploit Title: Horde Groupware Webmail 5.2.22 - Stored XSS # Author: Alex Birnberg # Testing...
# Exploit Title: htmly 2.8.0 - 'description' Stored Cross-Site Scripting (XSS) # Authors: @nu11secur1ty & G.Dzhankushev #...
# Exploit Title: Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting (XSS) # Date: 15/04/2021 # Exploit Author:...
# Exploit Title: GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to RCE # Exploit Author:...
# Exploit Title: jQuery 1.0.3 - Cross-Site Scripting (XSS) # Date: 04/29/2020 # Exploit Author: Central InfoSec...
# Exploit Title: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 - RCE # Date: 12-4-2021 # Exploit Author: Jay...
# Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection (Authenticated) # Google Dork: "citsmart.local"...
# Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection # Google Dork: "citsmart.local" # Date: 29/12/2020 #...
# Exploit Title: jQuery 1.2 - Cross-Site Scripting (XSS) # Date: 04/29/2020 # Exploit Author: Central InfoSec...
# Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection (Authentication Bypass) # Date: 13...
# Exploit Title: ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow # Date: 09-04-2021 #...
