Sysax Multi Server 6.99 Cross Site Scripting

Exploit Title: Sysax Multi Server 6.99 - Reflected XSS Date: 2024-11-03 Exploit Author: Yehia Elghaly Mrvar0x Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Version: MultiServer 6.99 Tested on: Windows 10 x64 Reflected XSS - Affected...

CVE-2024-10426

A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /animalsadd.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

PT-2024-8128 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version 1.0.1-B20201211.2000 Description: The issue is related to a command injection vulnerability in the apcli do enr pbc wps function. This vulnerability is associated with the failure to neutralize special elements used in...

CVE-2022-25556

Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub42E328. This vulnerability allows attackers to cause a Denial of Service DoS via the list parameter...

CVE-2019-17116

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cross-site scripting occurs immediately...