CVE-2021-43659

In halo 1.4.14, the function point of uploading the avatar, any file can be uploaded, such as uploading an HTML file, which will cause a stored XSS vulnerability...

WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE :CVE-2018-19138 0x02 CSRF Po...