|
Linux - Broken uid/gid Mapping for Nested User Namespaces
|
CVE-2018-18955
|
2018-11-16
|
|
Easy Outlook Express Recovery 2.0 - Denial of Service (PoC)
|
|
2018-11-16
|
|
Mumsoft Easy Software 2.0 - Denial of Service (PoC)
|
|
2018-11-16
|
|
DomainMOD 4.11.01 - Cross-Site Scripting
|
CVE-2018-19136
|
2018-11-16
|
|
Helpdezk 1.1.1 - Arbitrary File Upload
|
|
2018-11-16
|
|
Warranty Tracking System 11.06.3 - 'txtCustomerCode' SQL Injection
|
|
2018-11-16
|
|
Wordpress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting
|
CVE-2018-19287
|
2018-11-15
|
|
PHP Mass Mail 1.0 - Arbitrary File Upload
|
|
2018-11-15
|
|
2-Plan Team 1.0.4 - Arbitrary File Upload
|
|
2018-11-15
|
|
Simple E-Document 1.31 - 'username' SQL Injection
|
|
2018-11-15
|
|
Kordil EDMS 2.2.60rc3 - Arbitrary File Upload
|
|
2018-11-15
|
|
Meneame English Pligg 5.8 - 'search' SQL Injection
|
|
2018-11-15
|
|
The Powerful Resource of PHP Stream Wrappers
|
|
2018-11-15
|
|
Notepad3 1.0.2.350 - Denial of Service (PoC)
|
|
2018-11-15
|
|
EverSync 0.5 - Arbitrary File Download
|
|
2018-11-15
|
|
Webkit (Chome < 61) - 'MHTML' Universal Cross-site Scripting
|
CVE-2017-5124
|
2018-11-15
|
|
Webkit (Safari) - Universal Cross-site Scripting
|
CVE-2017-7089
|
2018-11-15
|
|
PHP 5.2.3 imap (Debian Based) - 'imap_open' Disable Functions Bypass
|
|
2018-11-15
|
|
Galaxy Forces MMORPG 0.5.8 - 'type' SQL Injection
|
|
2018-11-15
|
|
Net-Billetterie 2.9 - 'login' SQL Injection
|
|
2018-11-15
|
|
BitZoom 1.0 - 'rollno' SQL Injection
|
|
2018-11-15
|
|
PHP-Proxy 5.1.0 - Local File Inclusion
|
CVE-2018-19246
|
2018-11-15
|
|
Precurio Intranet Portal 2.0 - Cross-Site Request Forgery (Add Admin)
|
|
2018-11-15
|
|
SwitchVPN For MacOS 2.1012.03 Privilege Escalation Exploit
|
|
2018-11-14
|
|
SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle Vulnerability
|
|
2018-11-14
|
|
OCS Inventory NG ocsreports Shell Upload Vulnerability
|
|
2018-11-14
|
|
ntpd 4.2.8p10 - Out-of-Bounds Read Exploit
|
|
2018-11-14
|
|
AMPPS 2.7 - Denial of Service Exploit
|
|
2018-11-14
|
|
Bosch Video Management System 8.0 - Configuration Client Denial of Service (PoC)
|
|
2018-11-14
|
|
DoceboLMS 1.2 - SQL Injection / Arbitrary File Upload
|
|
2018-11-14
|
|
Electricks eCommerce 1.0 - Persistent Cross-Site Scripting
|
|
2018-11-14
|
|
Pedidos 1.0 - SQL Injection
|
|
2018-11-14
|
|
Rmedia SMS 1.0 - SQL Injection
|
|
2018-11-14
|
|
SwitchVPN for macOS 2.1012.03 - Privilege Escalation
|
CVE-2018-18860
|
2018-11-14
|
|
Advanced Comment System 1.0 - SQL Injection
|
CVE-2018-18619
|
2018-11-14
|
|
Dell OpenManage Network Manager 6.2.0.51 SP3 - Multiple Vulnerabilities
|
CVE-2018-15767
|
2018-11-14
|
|
Atlassian Jira - Authenticated Upload Code Execution (Metasploit)
|
|
2018-11-14
|
|
AMPPS 2.7 - Denial of Service (PoC)
|
|
2018-11-14
|
|
EdTv 2 - 'id' SQL Injection
|
|
2018-11-14
|
|
Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password)
|
|
2018-11-14
|
|
Helpdezk 1.1.1 - 'query' SQL Injection
|
|
2018-11-14
|
|
ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
|
CVE-2018-7182
|
2018-11-14
|
|
iServiceOnline 1.0 - 'r' SQL Injection
|
|
2018-11-14
|
|
Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode 58 bytes
|
|
2018-11-13
|
|
xorg-x11-server < 1.20.1 - Local Privilege Escalation Exploit
|
|
2018-11-13
|
|
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode) Exploit
|
|
2018-11-13
|
|
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service Exploit
|
|
2018-11-13
|
|
Evince 3.24.0 - Command Injection Exploit
|
|
2018-11-13
|
|
CuteFTP Mac 3.1 - Denial of Service Exploit
|
|
2018-11-13
|
|
SIPve 0.0.2-R19 - SQL Injection
|
|
2018-11-13
|
|
Webiness Inventory 2.3 - SQL Injection
|
|
2018-11-13
|
|
Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)
|
|
2018-11-13
|
|
Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download
|
|
2018-11-13
|
|
Alive Parish 2.0.4 - SQL Injection / Arbitrary File Upload
|
|
2018-11-13
|
|
ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload)
|
CVE-2018-19135
|
2018-11-13
|
|
Silurus Classifieds Script 2.0 - 'wcategory' SQL Injection
|
|
2018-11-13
|
|
Gumbo CMS 0.99 - SQL Injection
|
|
2018-11-13
|
|
ABC ERP 0.6.4 - Cross-Site Request Forgery (Update Admin)
|
|
2018-11-13
|
|
Easyndexer 1.0 - Arbitrary File Download
|
|
2018-11-13
|
|
Tina4 Stack 1.0.3 - Cross-Site Request Forgery (Update Admin)
|
|
2018-11-13
|
|
Tina4 Stack 1.0.3 - SQL Injection / Database File Download
|
|
2018-11-13
|
|
xorg-x11-server < 1.20.1 - Local Privilege Escalation
|
CVE-2018-14665
|
2018-11-13
|
|
Data Center Audit 2.6.2 - Cross-Site Request Forgery (Update Admin)
|
|
2018-11-13
|
|
Musicco 2.0.0 - Arbitrary Directory Download
|
|
2018-11-13
|
|
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service
|
CVE-2018-15437
|
2018-11-13
|
|
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode)
|
|
2018-11-13
|
|
Alienor Web Libre 2.0 - SQL Injection
|
|
2018-11-13
|
|
Surreal ToDo 0.6.1.2 - Local File Inclusion
|
|
2018-11-13
|
|
Surreal ToDo 0.6.1.2 - SQL Injection
|
|
2018-11-13
|
|
Evince 3.24.0 - Command Injection
|
CVE-2017-1000083
|
2018-11-13
|
|
CuteFTP Mac 3.1 - Denial of Service (PoC)
|
|
2018-11-13
|
|
CentOS Web Panel 0.9.8.740 - Cross-Site Request Forgery / Cross-Site Scripting
|
CVE-2018-18772
|
2018-11-13
|
|
Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode (58 bytes)
|
|
2018-11-13
|
|
Cisco Prime Infrastructure Unauthenticated Remote Code Execution Exploit
|
|
2018-11-13
|
|
Android 5.0 Battery Information Broadcast Information Disclosure Vulnerability
|
|
2018-11-13
|
|
Android RSSI Broadcast Information Disclosure Vulnerability
|
|
2018-11-13
|
|
ServerZilla 1.0 - email SQL Injection Vulnerability
|
|
2018-11-12
|
|
Nominas 0.27 - username SQL Injection Vulnerability
|
|
2018-11-12
|
|
GPS Tracking System 2.12 - username SQL Injection Vulnerability
|
|
2018-11-12
|
|
Facturation System 1.0 - modid SQL Injection Vulnerability
|
|
2018-11-12
|
|
The Don 1.0.1 - login SQL Injection Vulnerability
|
|
2018-11-12
|
|
Paroiciel 11.20 - tRecIdListe SQL Injection Vulnerability
|
|
2018-11-12
|
|
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
|
|
2018-11-12
|
|
Vignette Content Management 6 Security Bypass Vulnerability
|
|
2018-11-12
|
|
Advanced Comment System 1.0 SQL Injection Vulnerability
|
|
2018-11-12
|
|
Netscape Enterprise 3.63 Cross Site Scripting Vulnerability
|
|
2018-11-12
|
|
Mongoose Web Server 6.9 - Denial of Service Exploit
|
|
2018-11-12
|
|
CuteFTP 9.3.0.3 - Denial of Service Exploit
|
|
2018-11-12
|
|
TP-Link Archer C50 Wireless Router 171227 - CSRF (Configuration File Disclosure) Vulnerability
|
|
2018-11-12
|
|
WordPress WP User Manager 2.0.8 SQL Injection Vulnerability
|
|
2018-11-12
|
|
WordPress PeepSo 1.11.2 XSS / SQL Injection Vulnerabilities
|
|
2018-11-12
|
|
Wordpress Media File Manager 1.4.2 Plugin - Directory Traversal Vulnerability
|
|
2018-11-12
|
|
Data Center Audit 2.6.2 - username SQL Injection Vulnerability
|
|
2018-11-12
|
|
TufinOS 2.17 Build 1193 - XML External Entity Injection Vulnerability
|
|
2018-11-12
|
|
HeidiSQL 9.5.0.5196 - Denial of Service Exploit
|
|
2018-11-12
|
|
Nominas 0.27 - 'username' SQL Injection
|
|
2018-11-12
|
|
Mongoose Web Server 6.9 - Denial of Service (PoC)
|
|
2018-11-12
|
|
D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery
|
|
2018-11-12
|
|
ServerZilla 1.0 - 'email' SQL Injection
|
|
2018-11-12
|
|
GPS Tracking System 2.12 - 'username' SQL Injection
|
|
2018-11-12
|