OpenBMCS 2.4 - Cross Site Request Forgery (CSRF)

Exploit Title: OpenBMCS 2.4 - Cross Site Request Forgery CSRF Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 CSRF Send E-mail Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size o...

BoxBilling 3.6.11 - 'mod_notification' Persistent Cross-Site Scripting

BoxBilling 3.6.11 modnotification Stored Cross-Site Scripting Vulnerability Vendor: BoxBilling Product web page: http://www.boxbilling.com Affected version: 3.6.11 modnotification 1.0.0 Summary: BoxBilling is a free billing, invoicing & client management software. Desc: BoxBilling suffers from a...