#windows

SourceCodester Water Billing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the lastname text box under the Add Client module.

Suprema BioStar 2 version 2.8.16 suffers from a remote SQL injection vulnerability.

WebTareas version 2.4 suffers from a remote blind SQL injection vulnerability. Original discovery of this issue in this version is attributed to Behrad Taher in May of 2022. Related CVE number: CVE-2021-43481.

WebTareas version 2.4 suffers from multiple cross site scripting vulnerabilities.

WebTareas version 2.4 suffers from a remote shell upload vulnerability.

Tftpd32_SE version 4.60 suffers from an unquoted service path vulnerability.

Rental House Management System version 1.0 suffers from a cross site scripting vulnerability.

WPN-XM Serverstack for Windows version 0.8.6 suffers from cross site scripting, local file inclusion, and path traversal vulnerabilities.

Atom CMS version 2.0 suffers from a remote SQL injection vulnerability. Original discovery of this issue in this version is attributed to Luca Cuzzolin in February of 2022.

Aero CMS version 0.l0.1 remote shell upload exploit. Original discovery of this issue in this version is attributed to D4rkP0w4r in April of 2022.