Exploits (Total: 93883)

    
    
    
Linux - Broken uid/gid Mapping for Nested User Namespaces
CVE-2018-18955
2018-11-16
Easy Outlook Express Recovery 2.0 - Denial of Service (PoC)
2018-11-16
Mumsoft Easy Software 2.0 - Denial of Service (PoC)
2018-11-16
DomainMOD 4.11.01 - Cross-Site Scripting
CVE-2018-19136
2018-11-16
Helpdezk 1.1.1 - Arbitrary File Upload
2018-11-16
Warranty Tracking System 11.06.3 - 'txtCustomerCode' SQL Injection
2018-11-16
Wordpress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting
CVE-2018-19287
2018-11-15
PHP Mass Mail 1.0 - Arbitrary File Upload
2018-11-15
2-Plan Team 1.0.4 - Arbitrary File Upload
2018-11-15
Simple E-Document 1.31 - 'username' SQL Injection
2018-11-15
Kordil EDMS 2.2.60rc3 - Arbitrary File Upload
2018-11-15
Meneame English Pligg 5.8 - 'search' SQL Injection
2018-11-15
The Powerful Resource of PHP Stream Wrappers
2018-11-15
Notepad3 1.0.2.350 - Denial of Service (PoC)
2018-11-15
EverSync 0.5 - Arbitrary File Download
2018-11-15
Webkit (Chome < 61) - 'MHTML' Universal Cross-site Scripting
CVE-2017-5124
2018-11-15
Webkit (Safari) - Universal Cross-site Scripting
CVE-2017-7089
2018-11-15
PHP 5.2.3 imap (Debian Based) - 'imap_open' Disable Functions Bypass
2018-11-15
Galaxy Forces MMORPG 0.5.8 - 'type' SQL Injection
2018-11-15
Net-Billetterie 2.9 - 'login' SQL Injection
2018-11-15
BitZoom 1.0 - 'rollno' SQL Injection
2018-11-15
PHP-Proxy 5.1.0 - Local File Inclusion
CVE-2018-19246
2018-11-15
Precurio Intranet Portal 2.0 - Cross-Site Request Forgery (Add Admin)
2018-11-15
SwitchVPN For MacOS 2.1012.03 Privilege Escalation Exploit
2018-11-14
SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle Vulnerability
2018-11-14
OCS Inventory NG ocsreports Shell Upload Vulnerability
2018-11-14
ntpd 4.2.8p10 - Out-of-Bounds Read Exploit
2018-11-14
AMPPS 2.7 - Denial of Service Exploit
2018-11-14
Bosch Video Management System 8.0 - Configuration Client Denial of Service (PoC)
2018-11-14
DoceboLMS 1.2 - SQL Injection / Arbitrary File Upload
2018-11-14
Electricks eCommerce 1.0 - Persistent Cross-Site Scripting
2018-11-14
Pedidos 1.0 - SQL Injection
2018-11-14
Rmedia SMS 1.0 - SQL Injection
2018-11-14
SwitchVPN for macOS 2.1012.03 - Privilege Escalation
CVE-2018-18860
2018-11-14
Advanced Comment System 1.0 - SQL Injection
CVE-2018-18619
2018-11-14
Dell OpenManage Network Manager 6.2.0.51 SP3 - Multiple Vulnerabilities
CVE-2018-15767
2018-11-14
Atlassian Jira - Authenticated Upload Code Execution (Metasploit)
2018-11-14
AMPPS 2.7 - Denial of Service (PoC)
2018-11-14
EdTv 2 - 'id' SQL Injection
2018-11-14
Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password)
2018-11-14
Helpdezk 1.1.1 - 'query' SQL Injection
2018-11-14
ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
CVE-2018-7182
2018-11-14
iServiceOnline 1.0 - 'r' SQL Injection
2018-11-14
Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode 58 bytes
2018-11-13
xorg-x11-server < 1.20.1 - Local Privilege Escalation Exploit
2018-11-13
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode) Exploit
2018-11-13
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service Exploit
2018-11-13
Evince 3.24.0 - Command Injection Exploit
2018-11-13
CuteFTP Mac 3.1 - Denial of Service Exploit
2018-11-13
SIPve 0.0.2-R19 - SQL Injection
2018-11-13
Webiness Inventory 2.3 - SQL Injection
2018-11-13
Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)
2018-11-13
Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download
2018-11-13
Alive Parish 2.0.4 - SQL Injection / Arbitrary File Upload
2018-11-13
ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload)
CVE-2018-19135
2018-11-13
Silurus Classifieds Script 2.0 - 'wcategory' SQL Injection
2018-11-13
Gumbo CMS 0.99 - SQL Injection
2018-11-13
ABC ERP 0.6.4 - Cross-Site Request Forgery (Update Admin)
2018-11-13
Easyndexer 1.0 - Arbitrary File Download
2018-11-13
Tina4 Stack 1.0.3 - Cross-Site Request Forgery (Update Admin)
2018-11-13
Tina4 Stack 1.0.3 - SQL Injection / Database File Download
2018-11-13
xorg-x11-server < 1.20.1 - Local Privilege Escalation
CVE-2018-14665
2018-11-13
Data Center Audit 2.6.2 - Cross-Site Request Forgery (Update Admin)
2018-11-13
Musicco 2.0.0 - Arbitrary Directory Download
2018-11-13
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service
CVE-2018-15437
2018-11-13
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode)
2018-11-13
Alienor Web Libre 2.0 - SQL Injection
2018-11-13
Surreal ToDo 0.6.1.2 - Local File Inclusion
2018-11-13
Surreal ToDo 0.6.1.2 - SQL Injection
2018-11-13
Evince 3.24.0 - Command Injection
CVE-2017-1000083
2018-11-13
CuteFTP Mac 3.1 - Denial of Service (PoC)
2018-11-13
CentOS Web Panel 0.9.8.740 - Cross-Site Request Forgery / Cross-Site Scripting
CVE-2018-18772
2018-11-13
Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode (58 bytes)
2018-11-13
Cisco Prime Infrastructure Unauthenticated Remote Code Execution Exploit
2018-11-13
Android 5.0 Battery Information Broadcast Information Disclosure Vulnerability
2018-11-13
Android RSSI Broadcast Information Disclosure Vulnerability
2018-11-13
ServerZilla 1.0 - email SQL Injection Vulnerability
2018-11-12
Nominas 0.27 - username SQL Injection Vulnerability
2018-11-12
GPS Tracking System 2.12 - username SQL Injection Vulnerability
2018-11-12
Facturation System 1.0 - modid SQL Injection Vulnerability
2018-11-12
The Don 1.0.1 - login SQL Injection Vulnerability
2018-11-12
Paroiciel 11.20 - tRecIdListe SQL Injection Vulnerability
2018-11-12
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-11-12
Vignette Content Management 6 Security Bypass Vulnerability
2018-11-12
Advanced Comment System 1.0 SQL Injection Vulnerability
2018-11-12
Netscape Enterprise 3.63 Cross Site Scripting Vulnerability
2018-11-12
Mongoose Web Server 6.9 - Denial of Service Exploit
2018-11-12
CuteFTP 9.3.0.3 - Denial of Service Exploit
2018-11-12
TP-Link Archer C50 Wireless Router 171227 - CSRF (Configuration File Disclosure) Vulnerability
2018-11-12
WordPress WP User Manager 2.0.8 SQL Injection Vulnerability
2018-11-12
WordPress PeepSo 1.11.2 XSS / SQL Injection Vulnerabilities
2018-11-12
Wordpress Media File Manager 1.4.2 Plugin - Directory Traversal Vulnerability
2018-11-12
Data Center Audit 2.6.2 - username SQL Injection Vulnerability
2018-11-12
TufinOS 2.17 Build 1193 - XML External Entity Injection Vulnerability
2018-11-12
HeidiSQL 9.5.0.5196 - Denial of Service Exploit
2018-11-12
Nominas 0.27 - 'username' SQL Injection
2018-11-12
Mongoose Web Server 6.9 - Denial of Service (PoC)
2018-11-12
D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery
2018-11-12
ServerZilla 1.0 - 'email' SQL Injection
2018-11-12
GPS Tracking System 2.12 - 'username' SQL Injection
2018-11-12
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin)
2018-11-12
CuteFTP 9.3.0.3 - Denial of Service (PoC)
2018-11-12
Facturation System 1.0 - 'modid' SQL Injection
2018-11-12
The Don 1.0.1 - 'login' SQL Injection
2018-11-12
TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery (Configuration File Disclosure)
2018-11-12
Paroiciel 11.20 - 'tRecIdListe' SQL Injection
2018-11-12
Wordpress Plugin Media File Manager 1.4.2 - Directory Traversal
2018-11-12
TufinOS 2.17 Build 1193 - XML External Entity Injection
2018-11-12
Data Center Audit 2.6.2 - 'username' SQL Injection
2018-11-12
HeidiSQL 9.5.0.5196 - Denial of Service (PoC)
2018-11-12
Windows/x86 - Messagebox Shellcode 358 bytes
2018-11-11
Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service Exploit
2018-11-11
Microsoft Windows 10 (Build 17134) - Local Privilege Escalation (UAC Bypass) Exploit
2018-11-11
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Man-In-The-Middle Vulnerability
2018-11-11
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Server-Side Request Forgery Vulnerability
2018-11-11
D-LINK Central WifiManager (CWM 100) 1.03 r0098 DLL Hijacking Exploit
2018-11-11
OpenSLP 2.0.0 - Multiple Vulnerabilities
2018-11-11
Microsoft Windows 10 (Build 17134) - Local Privilege Escalation (UAC Bypass)
2018-11-09
OpenSLP 2.0.0 - Multiple Vulnerabilities
CVE-2016-7567
2018-11-09
Cradlepoint Router Password Disclosure Vulnerability
2018-11-08
Dell OpenManage Network Manager 6.2.0.51 SP3 Privilege Escalation Exploit
2018-11-07
CI User Login and Management 1.0 - Arbitrary File Upload Vulnerability
2018-11-07
Arm Whois 3.11 - Buffer Overflow (SEH) Exploit
2018-11-07
libiec61850 1.3 - Stack Based Buffer Overflow
2018-11-07
LibreHealth 2.0.0 - Arbitrary File Actions Vulnerability
2018-11-07
OpenBiz Cubi Lite 3.0.8 - username SQL Injection Vulnerability
2018-11-07
Grocery crud 1.6.1 - search_field SQL Injection Vulnerability
2018-11-07
VSAXESS V2.6.2.70 build20171226_053 - organization Denial of Service Exploit
2018-11-07
OOP CMS BLOG 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-11-07
eToolz 3.4.8.0 - Denial of Service Exploit
2018-11-07
OOP CMS BLOG 1.0 - search SQL Injection Vulnerability
2018-11-07
PlayJoom 0.10.1 - catid SQL Injection Vulnerability
2018-11-07
Blue Server 1.1 - Denial of Service Exploit
2018-11-07
XNU Kernel iOS / macOS heap buffer overflow Exploit
2018-11-07
FaceTime - VCPDecompressionDecodeFrame Memory Corruption Exploit
2018-11-07
FaceTime - readSPSandGetDecoderParams Stack Corruption Exploit
2018-11-07
FaceTime - RTP Video Processing Heap Corruption Exploit
2018-11-07
Morris Worm fingerd Stack Buffer Overflow Exploit
2018-11-07
Morris Worm sendmail Debug Mode Shell Escape Exploit
2018-11-07
blueimp jQuery Arbitrary File Upload Exploit
2018-11-07
QBee Camera / iSmartAlarm Credential Disclosure Vulnerability
2018-11-07
CMS Made Simple 2.2.7 Remote Code Execution Exploit
2018-11-07
CentOS Web Panel Root Account Takeover <= v0.9.8.740 Remote Command Execution Exploit
2018-11-07
Easy File Sharing Web Server 7.2 - author Remote Buffer Overflow (SEH) Exploit
2018-11-07
Microsoft Internet Explorer 11 - Null Pointer Dereference Exploit
2018-11-07
Softros LAN Messenger 9.2 - Denial of Service Exploit
2018-11-07
Intel (Skylake / Kaby Lake) - PortSmash CPU SMT Side-Channel Exploit
2018-11-07
Virgin Media Hub 3.0 Router - Denial of Service Exploit
2018-11-07
Mongo Web Admin 6.0 - Information Disclosure Vulnerability
2018-11-07
Poppy Web Interface Generator 0.8 - Arbitrary File Upload Vulnerability
2018-11-07
Voovi Social Networking Script 1.0 - user SQL Injection Vulnerability
2018-11-07
PHP Proxy 3.0.3 - Local File Inclusion Exploit
2018-11-07
Advantech WebAccess SCADA 8.3.2 - Remote Code Execution Exploit
2018-11-07
WebVet 0.1a - id SQL Injection Vulnerability
2018-11-07
SiAdmin 1.1 - id SQL Injection Vulnerability
2018-11-07
LiquidVPN For macOS 1.3.7 Privilege Escalation Vulnerability
2018-11-07
Royal TSX Information Disclosure Vulnerability
2018-11-07
Yot CMS 3.3.1 - aid SQL Injection Vulnerability
2018-11-07
qdPM 9.1 - filter_by SQL Injection Vulnerability
2018-11-07
Zint Barcode Generator 2.6 - Denial of Service Exploit
2018-11-07
CdCatalog 2.3.1 - Denial of Service Exploit
2018-11-07
WinMTR 0.91 - Denial of Service Exploit
2018-11-07
Gate Pass Management System 2.1 - login SQL Injection Vulnerability
2018-11-07
Jelastic 5.4 - host SQL Injection Vulnerability
2018-11-07
Fantastic Blog CMS 1.0 - id SQL Injection Vulnerability
2018-11-07
Sourcetree Git Arbitrary Code Execution Vulnerability
2018-11-07
Anviz AIM CrossChex Standard 4.3 Excel Macro Injection Vulnerability
2018-11-07
WebDrive 18.00.5057 - Denial of Service Exploit
2018-11-07
Arm Whois 3.11 - Denial of Service Exploit
2018-11-07
Artha The Open Thesaurus 1.0.3.0 - Denial of Service Exploit
2018-11-07
gVisor runsc Guest -> Host Breakout Via Filesystem Cache Desync
2018-11-07
EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 Hard-Coded Credentails Vulnerability
2018-11-07
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution Exploit
2018-11-07
Asaancart Simple PHP Shopping Cart 0.9 - Arbitrary File Upload / SQL Injection Vulnerabilities
2018-11-07
Notes Manager 1.0 - Arbitrary File Upload Vulnerability
2018-11-07
Microstrategy Web 7 - Cross-Site Scripting / Directory Traversal Vulnerabilities
2018-11-07
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
2018-11-07
Exploit
2018-11-07
Exploit
2018-11-06
Exploit
2018-11-06
OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection
2018-11-06
OOP CMS BLOG 1.0 - 'search' SQL Injection
2018-11-06
libiec61850 1.3 - Stack Based Buffer Overflow
CVE-2018-18957
2018-11-06
eToolz 3.4.8.0 - Denial of Service (PoC)
2018-11-06
Arm Whois 3.11 - Buffer Overflow (SEH)
2018-11-06
Grocery crud 1.6.1 - 'search_field' SQL Injection
2018-11-06
OOP CMS BLOG 1.0 - Cross-Site Request Forgery (Add Admin)
2018-11-06
CMS Made Simple 2.2.7 - Remote Code Execution
CVE-2018-10517
2018-11-06
Blue Server 1.1 - Denial of Service (PoC)
2018-11-06
Morris Worm - fingerd Stack Buffer Overflow (Metasploit)
2018-11-06
blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)
CVE-2018-9206
2018-11-06
Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)
2018-11-06
FaceTime - 'VCPDecompressionDecodeFrame' Memory Corruption
CVE-2018-4366
2018-11-06
FaceTime - 'readSPSandGetDecoderParams' Stack Corruption
CVE-2018-4367
2018-11-06
FaceTime - RTP Video Processing Heap Corruption
CVE-2018-4384
2018-11-06
Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel
CVE-2018-5407
2018-11-05
Voovi Social Networking Script 1.0 - 'user' SQL Injection
2018-11-05
Royal TS/X - Information Disclosure
CVE-2018-18865
2018-11-05
LiquidVPN 1.36 / 1.37 - Privilege Escalation
CVE-2018-18856
2018-11-05
Softros LAN Messenger 9.2 - Denial of Service (PoC)
2018-11-05
PHP Proxy 3.0.3 - Local File Inclusion
2018-11-05
Mongo Web Admin 6.0 - Information Disclosure
2018-11-05
Microsoft Internet Explorer 11 - Null Pointer Difference
2018-11-05
Poppy Web Interface Generator 0.8 - Arbitrary File Upload
2018-11-05
Virgin Media Hub 3.0 Router - Denial of Service (PoC)
2018-11-05
WebVet 0.1a - 'id' SQL Injection
2018-11-05
Advantech WebAccess SCADA 8.3.2 - Remote Code Execution
CVE-2018-15705
2018-11-05
SiAdmin 1.1 - 'id' SQL Injection
2018-11-05
Zint Barcode Generator 2.6 - Denial of Service (PoC)
2018-11-04
CdCatalog 2.3.1 - Denial of Service (PoC)
2018-11-04
WinMTR 0.91 - Denial of Service (PoC)
2018-11-04
Yot CMS 3.3.1 - 'aid' SQL Injection
2018-11-04
qdPM 9.1 - 'filter_by' SQL Injection
2018-11-04
Gate Pass Management System 2.1 - 'login' SQL Injection
2018-11-04
Anviz AIM CrossChex Standard 4.3 - CSV Injection
2018-11-04
Jelastic 5.4 - 'host' SQL Injection
2018-11-04
Fantastic Blog CMS 1.0 - 'id' SQL Injection
2018-11-04
Arm Whois 3.11 - Denial of Service (PoC)
2018-11-04
WebDrive 18.00.5057 - Denial of Service (PoC)
2018-11-04
Artha The Open Thesaurus 1.0.3.0 - Denial of Service (PoC)
2018-11-04
SmartFTP Client 9.0.2615.0 - Denial of Service (PoC)
2018-11-04
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution
2018-11-04
CI User Login and Management 1.0 - Arbitrary File Upload
2018-11-04
Asaancart Simple PHP Shopping Cart 0.9 - Arbitrary File Upload / SQL Injection
2018-11-04
Microstrategy Web 7 - Cross-Site Scripting / Directory Traversal
CVE-2018-18775
2018-11-04
Instagram Clone 1.0 - Arbitrary File Upload
2018-11-04
Notes Manager 1.0 - Arbitrary File Upload
2018-11-04
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
2018-11-04
Expense Management 1.0 - Arbitrary File Upload
2018-11-04
SIPp 3.3.990 - Local Buffer Overflow (PoC)
2018-11-04
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service (PoC)
2018-11-04
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) - SFTP Authentication Bypass
2018-11-04
MyBB Downloads 2.0.3 - SQL Injection
2018-11-04
ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure
2018-11-04
Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam Donenfeld)
2018-11-04
Any Sound Recorder 2.93 - Buffer Overflow Local (SEH) (Metasploit)
2018-11-04
Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (864 bytes) (Generator)
2018-11-04
xorg-x11-server 1.20.3 - Privilege Escalation
CVE-2018-14665
2018-11-04
NETGEAR WiFi Router R6120 - Credential Disclosure
2018-11-04
Webiness Inventory 2.9 - Arbitrary File Upload
2018-11-04
phptpoint Pharmacy Management System 1.0 - 'username' SQL Injection
2018-11-04
R 3.4.4 (Windows 10 x64) - Buffer Overflow (DEP/ASLR Bypass)
2018-11-04
Electricks eCommerce 1.0 - 'prodid' SQL Injection
2018-11-04
South Gate Inn Online Reservation System 1.0 - 'q' SQL Injection
2018-11-04
K-iwi Framework 1775 - SQL Injection
CVE-2018-18755
2018-11-04
SaltOS Erp Crm 3.1 r8126 - Database File Download
CVE-2018-18762
2018-11-04
SaltOS Erp Crm 3.1 r8126 - SQL Injection (2)
CVE-2018-18763
2018-11-04
Modbus Slave 7.0.0 - Denial of Service (PoC)
CVE-2018-18759
2018-11-04
SaltOS Erp Crm 3.1 r8126 - SQL Injection
CVE-2018-18761
2018-11-04
E-Negosyo System 1.0 - SQL Injection
CVE-2018-18801
2018-11-04
RhinOS CMS 3.x - Arbitrary File Download
CVE-2018-18760
2018-11-04
PayPal-Credit Card-Debit Card Payment 1.0 - SQL Injection
CVE-2018-18800
2018-11-04
School Attendance Monitoring System 1.0 - SQL Injection
CVE-2018-18798
2018-11-04
School Attendance Monitoring System 1.0 - Arbitrary File Upload
CVE-2018-18799
2018-11-04
School Attendance Monitoring System 1.0 - Cross-Site Request Forgery (Update Admin)
CVE-2018-18797
2018-11-04
School Event Management System 1.0 - Cross-Site Request Forgery (Update Admin)
CVE-2018-18794
2018-11-04
School Event Management System 1.0 - Arbitrary File Upload
CVE-2018-18793
2018-11-04
School Event Management System 1.0 - SQL Injection
CVE-2018-18795
2018-11-04
Point of Sales (POS) in VB.Net MySQL Database 1.0 - SQL Injection
CVE-2018-18805
2018-11-04
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection
CVE-2018-18804
2018-11-04
Curriculum Evaluation System 1.0 - SQL Injection
CVE-2018-18803
2018-11-04
Aplaya Beach Resort Online Reservation System 1.0 - SQL Injection / Cross-Site Request Forgery
2018-11-04
MTGAS MOGG Web Simulator Script - SQL Injection
2018-11-04
ASRock Drivers - Privilege Escalation
CVE-2018-10709
2018-11-04
systemd - chown_one() can Dereference Symlinks
CVE-2018-15687
2018-11-04
systemd - reexec State Injection
CVE-2018-15686
2018-11-04
Card Payment 1.0 - Cross-Site Request Forgery (Update Admin)
2018-11-04
Paramiko 2.4.1 - Authentication Bypass
CVE-2018-7750
2018-11-04
Local Server 1.0.9 - Denial of Service (PoC)
2018-11-04
Modbus Slave PLC 7 - '.msw' Buffer Overflow (PoC)
2018-11-04
School Equipment Monitoring System 1.0 - 'login' SQL Injection
2018-11-04
AlienIP 2.41 - Denial of Service (PoC)
2018-11-04
Open Faculty Evaluation System 7 - 'batch_name' SQL Injection
2018-11-04
Library Management System 1.0 - 'frmListBooks' SQL Injection
2018-11-04
Navicat 12.0.29 - 'SSH' Denial of Service (PoC)
2018-11-04
Grapixel New Media 2 - 'pageref' SQL Injection
2018-11-04
Open Faculty Evaluation System 5.6 - 'batch_name' SQL Injection
2018-11-04
Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection
2018-11-04
Delta Sql 1.8.2 - 'id' SQL Injection
2018-11-04
MPS Box 0.1.8.0 - Arbitrary File Upload
2018-11-04
Quick Count 2.0 - 'txtInstID' SQL Injection
2018-11-04
xorg-x11-server < 1.20.3 - Local Privilege Escalation
CVE-2018-14665
2018-11-04
WebEx - Local Service Permissions Exploit (Metasploit)
CVE-2018-15442
2018-11-04
WebExec - Authenticated User Code Execution (Metasploit)
CVE-2018-15442
2018-11-04
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer
CVE-2018-18557
2018-11-04
Open STA Manager 2.3 - Arbitrary File Download
2018-11-04
MPS Box 0.1.8.0 - 'uuid' SQL Injection
2018-11-04
AjentiCP 1.2.23.13 - Cross-Site Scripting
CVE-2018-18548
2018-11-04
AiOPMSD Final 1.0.0 - 'q' SQL Injection
2018-11-04
Simple POS and Inventory 1.0 - 'cat' SQL Injection
2018-11-04
ClipBucket 2.8 - 'id' SQL Injection
2018-11-04
Adult Filter 1.0 - Buffer Overflow (SEH)
2018-11-04
User Management 1.1 - Cross-Site Scripting
CVE-2018-18419
2018-11-04
Delta Sql 1.8.2 - Arbitrary File Upload
2018-11-04
Simple Chat System 1.0 - 'id' SQL Injection
2018-11-04
phptpoint Hospital Management System 1.0 - 'user' SQL injection
2018-11-04
phptpoint Pharmacy Management System 1.0 - 'username' SQL injection
2018-11-04
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting
CVE-2018-18417
2018-11-04
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution
2018-11-04
BORGChat 1.0.0 build 438 - Denial of Service (PoC)
2018-11-04
D-Link Routers - Directory Traversal
CVE-2018-10822
2018-11-04
D-Link Routers - Plaintext Password
CVE-2018-10824
2018-11-04
D-Link Routers - Command Injection
CVE-2018-10823
2018-11-04
Microsoft Data Sharing - Local Privilege Escalation (PoC)
2018-11-04
Apache OFBiz 16.11.04 - XML External Entity Injection
2018-11-04
LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting
CVE-2018-18416
2018-11-04
exim 4.90 - Remote Code Execution
CVE-2018-6789
2018-11-04
Adult Filter 1.0 - Denial of Service (PoC)
2018-11-04
Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes
2018-11-04
Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Error_desc' Cross-Site Scripting
CVE-2018-18437
2018-11-04
Fifa Master XLS 2.3.2 - 'usw' SQL Injection
2018-11-04
SG ERP 1.0 - 'info' SQL Injection
2018-11-04
MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection
2018-11-04
SIM-PKH 2.4.1 - 'id' SQL Injection
2018-11-04
School ERP Pro+Responsive 1.0 - 'fid' SQL Injection
2018-11-04
School ERP Pro+Responsive 1.0 - Arbitrary File Download
2018-11-04
ServersCheck Monitoring Software 14.3.3 - 'id' SQL Injection
2018-11-04
Microsoft Windows 10 - Local Privilege Escalation (UAC Bypass)
2018-11-04
SIM-PKH 2.4.1 - Arbitrary File Upload
2018-11-04
ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write
2018-11-04
Appsource School Management System 1.0 - 'student_id' SQL Injection
2018-11-04
Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection
2018-11-04
The Open ISES Project 3.30A - Arbitrary File Download
2018-11-04
eNdonesia Portal 8.7 - 'artid' SQL Injection
2018-11-04
Windows - SetImeInfoEx Win32k NULL Pointer Dereference (Metasploit)
CVE-2018-8120
2018-11-04
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas
2018-11-04
Apple iOS/macOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport
2018-11-04
Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory
2018-11-04
Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value
2018-11-04
Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem
2018-11-04
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking
2018-11-04
School ERP Ultimate 2018 - 'fid' SQL Injection
2018-11-04
The Open ISES Project 3.30A - 'tick_lat' SQL Injection
2018-11-04
Audacity 2.3 - Denial of Service (PoC)
2018-11-04
Oracle Siebel CRM 8.1.1 - CSV Injection
2018-11-04
School ERP Ultimate 2018 - Arbitrary File Download
2018-11-04
Modbus Poll 7.2.2 - Denial of Service (PoC)
2018-11-04
MySQL Edit Table 1.0 - 'id' SQL Injection
2018-11-04
Expense Management 1.0 - Arbitrary File Upload Vulnerability
2018-10-31
MyBB Downloads 2.0.3 - SQL Injection Vulnerability
2018-10-31
NETGEAR WiFi Router R6120 - Credential Disclosure Vulnerability
2018-10-31
Webiness Inventory 2.9 - Arbitrary File Upload Vulnerability
2018-10-31
Electricks eCommerce 1.0 - prodid SQL Injection Vulnerability
2018-10-31
South Gate Inn Online Reservation System 1.0 - q SQL Injection Vulnerability
2018-10-31
K-iwi Framework 1775 - SQL Injection Vulnerability
2018-10-31
SaltOS Erp Crm 3.1 r8126 - Database File Download Vulnerability
2018-10-31
SaltOS Erp Crm 3.1 r8126 - SQL Injection Vulnerability (2)
2018-10-31
SaltOS Erp Crm 3.1 r8126 - SQL Injection Vulnerability
2018-10-31
E-Negosyo System 1.0 - SQL Injection Vulnerability
2018-10-31
RhinOS CMS 3.x - Arbitrary File Download Vulnerability
2018-10-31
SmartFTP Client 9.0.2615.0 - Denial of Service Exploit
2018-10-31
School Attendance Monitoring System 1.0 - SQL Injection Vulnerability
2018-10-31
School Attendance Monitoring System 1.0 - Arbitrary File Upload Vulnerability
2018-10-31
School Attendance Monitoring System 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
2018-10-31
School Event Management System 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
2018-10-31
School Event Management System 1.0 - Arbitrary File Upload Vulnerability
2018-10-31
School Event Management System 1.0 - SQL Injection Vulnerability
2018-10-31
Point of Sales (POS) in VB.Net MySQL Database 1.0 - SQL Injection Vulnerability
2018-10-31
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Vulnerability
2018-10-31
Curriculum Evaluation System 1.0 - SQL Injection Vulnerability
2018-10-31
Aplaya Beach Resort Online Reservation System 1.0 - SQL Injection / Cross-Site Request Forgery
2018-10-31
MTGAS MOGG Web Simulator Script - SQL Injection Vulnerability
2018-10-31
Card Payment 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
2018-10-31
Library Management System 1.0 - frmListBooks SQL Injection Vulnerability
2018-10-31
Grapixel New Media 2 - pageref SQL Injection Vulnerability
2018-10-31
Open Faculty Evaluation System 7 - batch_name SQL Injection Vulnerability
2018-10-31
Instagram Clone 1.0 - Arbitrary File Upload Vulnerability
2018-10-31
SIPp 3.3.990 - Local Buffer Overflow Exploit
2018-10-31
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service Exploit
2018-10-31
ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure Exploit
2018-10-31
systemd - reexec State Injection Exploit
2018-10-31
xorg #x11 #server 1.20.3 - Privilege Escalation Exploit (3)
2018-10-30
R 3.4.4 ( #Windows10 x64) - Buffer Overflow (DEP/ASLR Bypass) Exploit
2018-10-30
AnySoundRecorder 2.93 - Buffer Overflow Local (SEH) Exploit
2018-10-30
PayPal / Credit Card / Debit Card Payment 1.0 SQL Injection Vulnerability
2018-10-30
Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (Generator) 864 bytes
2018-10-30
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) SFTP Authentication Bypass Vulnerability
2018-10-30
Navicat 12.0.29 - SSH Denial of Service Exploit
2018-10-30
AlienIP 2.41 - Denial of Service Exploit
2018-10-30
systemd - chown_one() can Dereference Symlinks Exploit
2018-10-30
Modbus Slave 7.0.0 - Denial of Service Exploit
2018-10-30
Modbus Slave PLC 7 - .msw Buffer Overflow Exploit
2018-10-30
Paramiko 2.4.1 - Authentication Bypass Exploit
2018-10-30
Local Server 1.0.9 - Denial of Service Exploit
2018-10-30
School Equipment Monitoring System 1.0 - login SQL Injection Vulnerability
2018-10-30
HID ActivID ActivClient 7.1.0.202 Heap Spray / Denial Of Service Vulnerability
2018-10-30
Joomla Responsive eXtro jQuery Gallery 2.1.0 Component - filter_category SQL Injection Vulnerability
2018-10-30
Joomla Com_Ajax Component Jsnextfw Plugin Jform_Article Incorrect Default Permission Vulnerability
2018-10-30
WordPress Arforms 3.5.1 Arbitrary File Delete Exploit
2018-10-30
ASRock Drivers Privilege Escalation / Code Execution Exploit
2018-10-30
Webiness Inventory 2.9 Shell Upload Exploit
2018-10-30
Shell In A Box 2.2.0 Denial Of Service Exploit
2018-10-30
MPS Box 0.1.8.0 - Arbitrary File Upload Vulnerability
2018-10-30
Veterinary Clinic Management 00.02 - editpetnum SQL Injection Vulnerability
2018-10-30
Quick Count 2.0 - txtInstID SQL Injection Vulnerability
2018-10-30
Delta Sql 1.8.2 - id SQL Injection Vulnerability
2018-10-30
Linux systemd Line Splitting Exploit
2018-10-30
Linux systemd Symlink Dereference Via chown_one() Exploit
2018-10-30
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit (2)
2018-10-30
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit
2018-10-30
Oracle Hyperion Planning 11.1.2.4 Cross Site Scripting Vulnerability
2018-10-30
Open STA Manager 2.3 - Arbitrary File Download Vulnerability
2018-10-30
MPS Box 0.1.8.0 - uuid SQL Injection Vulnerability
2018-10-30
AjentiCP 1.2.23.13 - Cross-Site Scripting Vulnerability
2018-10-30
AiOPMSD Final 1.0.0 - q SQL Injection Vulnerability
2018-10-30
ClipBucket 2.8 - id SQL Injection Vulnerability
2018-10-30
User Management 1.1 - Cross-Site Scripting Vulnerability
2018-10-30
Delta Sql 1.8.2 - Arbitrary File Upload Vulnerability
2018-10-30
Simple POS and Inventory 1.0 - cat SQL Injection Vulnerability
2018-10-30
Simple Chat System 1.0 - id SQL Injection Vulnerability
2018-10-30
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit
2018-10-30
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting Vulnerability
2018-10-30
PHPTPoint Pharmacy Management System 1.0 - username SQL injection Vulnerability
2018-10-30
BORGChat 1.0.0 build 438 - Denial of Service Exploit
2018-10-30
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer Exploit
2018-10-30
Adult Filter 1.0 - Buffer Overflow (SEH) Exploit
2018-10-30
PHPTPoint Hospital Management System 1 SQL Injection Vulnerability
2018-10-30
AudioCodes 440HD / 450HD IP Phone 3.1.2.89 Man-In-The-Middle Vulnerability
2018-10-30
Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle Vulnerability
2018-10-30
Polycom VVX 500 / VVX 601 5.8.0.12848 Information Exposure Vulnerability
2018-10-30
WebExec Authenticated User Code Execution Exploit
2018-10-30
WebEx Local Service Permissions Code Execution Exploit
2018-10-30
WordPress Question Answer 1.2.30 Cross Site Scripting Vulnerability
2018-10-30
WordPress Pie Register 3.0.17 Cross Site Scripting Vulnerability
2018-10-30
Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes
2018-10-30
jQuery-File-Upload < v9.22.1 (ImageMagick / Ghostscript) - Remote Code Execution Exploit
2018-10-30
Fifa Master XLS 2.3.2 - usw SQL Injection Vulnerability
2018-10-30
SG ERP 1.0 - info SQL Injection Vulnerability
2018-10-30
Axioscloud Sissiweb Registro Elettronico 7.0.0 - Error_desc Cross-Site Scripting Vulnerability
2018-10-30
Adult Filter 1.0 - Denial of Service Exploit
2018-10-30
Microsoft Data Sharing - Local Privilege Escalation Exploit
2018-10-30
Apache OFBiz 16.11.04 - XML External Entity Injection Exploit
2018-10-30
exim 4.90 - Remote Code Execution Exploit
2018-10-30
D-Link Routers - Command Injection Vulnerability
2018-10-30
D-Link Routers - Directory Traversal Vulnerability
2018-10-30
D-Link Routers - Plaintext Password Vulnerability
2018-10-30
SIM-PKH 2.4.1 SQL Injection Vulnerability
2018-10-24
Microsoft Active Directory Federated Services (ADFS) User Enumeration Vulnerability
2018-10-24
ServersCheck Monitoring Software 14.3.3 SQL Injection Vulnerability
2018-10-24
ServersCheck Monitoring Software 14.3.3 Cross Site Scripting Vulnerability
2018-10-24
MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection Vulnerability
2018-10-23
SIM-PKH 2.4.1 - Arbitrary File Upload
2018-10-23
Appsource School Management System 1.0 - student_id SQL Injection Vulnerability
2018-10-23
Traq 3.7.1 CSRF / XSS / SQL Injection Vulnerabilities
2018-10-23
VestaCP 0.9.8-22 Cross Site Scripting Vulnerability
2018-10-23
AjentiCP 1.2.23.13 Cross Site Scripting Vulnerability
2018-10-23
Microsoft Windows 10 UAC Bypass By computerDefault Exploit
2018-10-23
Chrome Debugger Extension API Is Too Powerful Vulnerability
2018-10-23
ServersCheck Monitoring Software 14.3.3 - Denial of Service Exploit
2018-10-23
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas Exploit
2018-10-22
Apple iOS Kernel - Stack Memory Disclosure due to Failure to Check copyin Return Value Exploit
2018-10-22
Apple iOS / macOS - Kernel Memory Corruption due to Integer Overflow Exploit
2018-10-22
Apple iOS / macOS - Sandbox Escape due to mach Message sent from Shared Memory Exploit
2018-10-22
Apple iOS / macOS - Sandbox Escape due to Trusted Length Field in Shared Memory Exploit
2018-10-22
Viva Visitor & Volunteer ID Tracking 0.95.1 - fname SQL Injection Vulnerability
2018-10-22
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking Exploit
2018-10-22
eNdonesia Portal 8.7 - artid SQL Injection Vulnerability
2018-10-22
The Open ISES Project 3.30A - Arbitrary File Download Vulnerability
2018-10-22
The Open ISES Project 3.30A - tick_lat SQL Injection Vulnerability
2018-10-22
School ERP Ultimate 2018 - fid SQL Injection Vulnerability
2018-10-22
Oracle Siebel CRM 8.1.1 - CSV Injection Vulnerability
2018-10-22
School ERP Ultimate 2018 - Arbitrary File Download Vulnerability
2018-10-22
MySQL Edit Table 1.0 - id SQL Injection Vulnerability
2018-10-22
Modbus Poll 7.2.2 - Denial of Service Exploit
2018-10-22
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference Exploit
2018-10-22
WiFiRanger 7.0.8rc3 Incorrect Access Control / Privilege Escalation Vulnerability
2018-10-22
Viprinet VPN Hub Router Cross Site Scripting Vulnerability
2018-10-22
AudaCity 2.3 - High processor usage Denial of Service Exploit
2018-10-21
libSSH - Authentication Bypass Exploit
2018-10-21
Linux/x86 print "If psycho say this is the end?" Shellcode (75 bytes)
2018-10-21
libSSH - Authentication Bypass
CVE-2018-10933
2018-10-19
Linux Semi-Arbitrary Task Stack Read On ARM64 / x86 Exploit
2018-10-18
Chrome Mojo DataPipe*Dispatcher Deserialization Lacking Validation Exploit
2018-10-18
Snes9K 0.0.9z - Buffer Overflow (SEH) Exploit
2018-10-18
OwnTicket 1.0 - TicketID SQL Injection Vulnerability
2018-10-18
Learning with Texts 1.6.2 - start SQL Injection Vulnerability
2018-10-18
PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin) Vulnerability
2018-10-18
TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure Vulnerability
2018-10-18
ManageEngine OPManager 12.3 Cross Site Scripting Vulnerability
2018-10-18
LANGO Codeigniter Multilingual Script 1.0 Cross Site Scripting Vulnerability
2018-10-18
Ekushey Project Manager CRM 3.1 Cross Site Scripting Vulnerability
2018-10-18
IBM Security AppScan Standard 9.0.3 .udt Denial Of Service Exploit
2018-10-18
Acunetix Web Vulnerability Scanner 10 *.slg Buffer Overflow (PoC) Exploit
2018-10-18
Any Sound Recorder 2.93 - Buffer Overflow (SEH) Exploit
2018-10-18
Time and Expense Management System 3.0 - CSRF (Add Admin) Vulnerability
2018-10-18
FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Vulnerability
2018-10-18
VLC Media Player - MKV Use-After-Free Exploit
2018-10-18
Microsoft Windows - FSCTL_FIND_FILES_BY_SID Information Disclosure Exploit
2018-10-18
HighPortal 12.5 Cross Site Scripting Vulnerability
2018-10-18
Heatmiser Wifi Thermostat 1.7 - Credential Disclosure Exploit
2018-10-18
GIU Gallery Image Upload 0.3.1 - category SQL Injection Vulnerability
2018-10-18
Navigate CMS 2.8.5 - Arbitrary File Download Vulnerability
2018-10-18
MV Video Sharing Software 1.2 - searchname SQL Injection Vulnerability
2018-10-18
Rukovoditel Project Management CRM 2.3 - path SQL Injection Vulnerability
2018-10-18
Vishesh Auto Index 3.1 - fid SQL Injection Vulnerability
2018-10-18
Kados R10 GreenBee - release_id SQL Injection Vulnerability
2018-10-18
HotelDruid 2.2.4 - anno SQL Injection Vulnerability
2018-10-18
Wordpress Support Board 1.2.3 Plugin - Cross-Site Scripting Vulnerability
2018-10-18
Library CMS 2.1.1 - Cross-Site Scripting Vulnerability
2018-10-18
Solaris RSH Stack Clash Privilege Escalation Exploit
2018-10-18
BigTree CMS 4.2.23 Cross Site Scripting Vulnerability
2018-10-18
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Vulnerability
2018-10-18
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Vulnerability
2018-10-18
FLIR Brickstream 3D+ - RTSP Stream Disclosure Vulnerability
2018-10-18
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure Vulnerability
2018-10-18
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution Exploit
2018-10-18
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-10-18
Academic Timetable Final Build 7.0a-7.0b - id SQL Injection Vulnerability
2018-10-18
Academic Timetable Final Build 7.0 - Information Disclosure Exploit
2018-10-18
Advanced HRM 1.6 - Remote Code Execution Vulnerability
2018-10-18
MaxOn ERP Software 8.x-9.x - nomor SQL Injection Vulnerability
2018-10-18
College Notes Management System 1.0 - user SQL Injection Vulnerability
2018-10-18
KORA 2.7.0 - cid SQL Injection Vulnerability
2018-10-18
AlchemyCMS 4.1 - Cross-Site Scripting Vulnerability
2018-10-18
D-Link DSL-2640T Cross Site Scripting Vulnerability
2018-10-18
Teltonika RUT9XX Missing Access Control To UART Root Terminal Vulnerability
2018-10-18
Teltonika RUT9XX Unauthenticated OS Command Injection Exploit
2018-10-18
Teltonika RUT9XX Reflected Cross Site Scripting Vulnerability
2018-10-18
Cockpit CMS CSRF / XSS / Path Traversal Vulnerabilities
2018-10-18
NoMachine 5.3.26 Remote Code Execution Exploit
2018-10-18
Phoenix Contact WebVisit 2985725 - Authentication Bypass Exploit
2018-10-18
FluxBB < 1.5.6 - SQL Injection Exploit
2018-10-18
SugarCRM 6.5.26 - Cross-Site Scripting Vulnerability
2018-10-18
HaPe PKH 1.1 - Arbitrary File Upload Vulnerability
2018-10-18
HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin) Vulnerability
2018-10-18
HaPe PKH 1.1 - id SQL Injection Vulnerability
2018-10-18
LUYA CMS 1.0.12 - Cross-Site Scripting Vulnerability
2018-10-18
CAMALEON CMS 2.4 Cross Site Scripting Vulnerability
2018-10-18
gsview -dSAFER Not Used Vulnerability
2018-10-18
Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection Vulnerability
2018-10-18
Microsoft SQL Server Management Studio 17.9 - .xel XML External Entity Injection Vulnerability
2018-10-18
Microsoft SQL Server Management Studio 17.9 - .xmla XML External Entity Injection Vulnerability
2018-10-18
CentOS Web Panel 0.9.8.480 Multiple Vulnerabilities
2018-10-18
Phoenix Contact WebVisit 6.40.00 - Password Disclosure Vulnerability
2018-10-18
E-Registrasi Pencak Silat 18.10 - id_partai SQL Injection Vulnerability
2018-10-18
WAGO 750-881 01.09.18 - Cross-Site Scripting Vulnerability
2018-10-18
Wikidforum 2.20 - Cross-Site Scripting Vulnerability
2018-10-18
OwnTicket 1.0 - 'TicketID' SQL Injection
2018-10-18
PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin)
2018-10-18
Learning with Texts 1.6.2 - 'start' SQL Injection
2018-10-18
Time and Expense Management System 3.0 - 'table' SQL Injection
2018-10-17
TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure
2018-10-17
Git Submodule - Arbitrary Code Execution
CVE-2018-17456
2018-10-17
Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)
2018-10-17
FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials
2018-10-17
BigTree CMS 4.2.23 - Cross-Site Scripting
CVE-2018-18308
2018-10-17
Any Sound Recorder 2.93 - Buffer Overflow (SEH)
2018-10-17
VLC Media Player - MKV Use-After-Free (Metasploit)
CVE-2018-11529
2018-10-16
Solaris - RSH Stack Clash Privilege Escalation (Metasploit)
CVE-2017-1000364
2018-10-16
Microsoft Windows - 'FSCTL_FIND_FILES_BY_SID' Information Disclosure
CVE-2018-8411
2018-10-16
Heatmiser Wifi Thermostat 1.7 - Credential Disclosure
2018-10-16
GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection
2018-10-16
MV Video Sharing Software 1.2 - 'searchname' SQL Injection
2018-10-16
Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection
2018-10-16
Wordpress Plugin Support Board 1.2.3 - Cross-Site Scripting
2018-10-16
Vishesh Auto Index 3.1 - 'fid' SQL Injection
2018-10-16
Kados R10 GreenBee - 'release_id' SQL Injection
2018-10-16
Library CMS 2.1.1 - Cross-Site Scripting
2018-10-16
Navigate CMS 2.8.5 - Arbitrary File Download
2018-10-16
HotelDruid 2.2.4 - 'anno' SQL Injection
2018-10-16
KORA 2.7.0 - 'cid' SQL Injection
2018-10-15
Academic Timetable Final Build 7.0 - Information Disclosure
2018-10-15
NoMachine < 5.3.27 - Remote Code Execution
CVE-2018-17980
2018-10-15
Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities
CVE-2018-18322
2018-10-15
FLIR Brickstream 3D+ - RTSP Stream Disclosure
2018-10-15
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure
2018-10-15
MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection
2018-10-15
Advanced HRM 1.6 - Remote Code Execution
2018-10-15
College Notes Management System 1.0 - 'user' SQL Injection
2018-10-15
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution
2018-10-15
AlchemyCMS 4.1 - Cross-Site Scripting
2018-10-15
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)
2018-10-15
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure
2018-10-15
Snes9K 0.0.9z - Buffer Overflow (SEH)
2018-10-15
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure
2018-10-15
Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection
2018-10-15
FluxBB < 1.5.6 - SQL Injection
CVE-2014-10029
2018-10-12
SugarCRM 6.5.26 - Cross-Site Scripting
CVE-2018-17784
2018-10-12
HaPe PKH 1.1 - Arbitrary File Upload
2018-10-12
CAMALEON CMS 2.4 - Cross-Site Scripting
2018-10-12
HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)
2018-10-12
Phoenix Contact WebVisit 2985725 - Authentication Bypass
CVE-2016-8371
2018-10-12
LUYA CMS 1.0.12 - Cross-Site Scripting
2018-10-12
HaPe PKH 1.1 - 'id' SQL Injection
2018-10-12
Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection
CVE-2018-8532
2018-10-11
Phoenix Contact WebVisit 6.40.00 - Password Disclosure
CVE-2016-8366
2018-10-11
Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection
2018-10-11
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
2018-10-11
Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection
2018-10-11
E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection
2018-10-11
WAGO 750-881 01.09.18 - Cross-Site Scripting
2018-10-11
Wikidforum 2.20 - Cross-Site Scripting
2018-10-11
VLC Media Player 2.2.8 MKV Use-After-Free Exploit
2018-10-11
DELL EMC OneFS Storage Administration 8.1.2.0 .zshrc Overwrite Exploit
2018-10-11
WhatsApp - RTP Processing Heap Corruption Exploit
2018-10-10
MicroTik RouterOS < 6.43rc3 - Remote Root Exploit
2018-10-10
XMeye P2P Cloud Remote Code Execution / Integrity Issues Vulnerabilities
2018-10-10
jQuery-File-Upload 9.22.0 Arbitrary File Upload Vulnerability
2018-10-10
NPLUG Wireless Repeater 1.0.0.14 CSRF / XSS / Authentication Bypass Vulnerabilities
2018-10-10
Responsive Filemanager 9.8.1 Authentication Bypass Vulnerability
2018-10-10
Responsive Filemanager 9.8.1 Cross Site Scripting Vulnerability
2018-10-10
Sitepress Multilingual 3.6.3 Cross Site Scripting Vulnerability
2018-10-10
Ektron CMS 9.20 SP2 - Improper Access Restrictions Vulnerability
2018-10-10
FileZilla 3.33 - Buffer Overflow Exploit
2018-10-10
WhatsApp - RTP Processing Heap Corruption
2018-10-10
FLIR Systems FLIR Thermal Traffic Cameras Websocket Device Manipulation Exploit
2018-10-10
ghostscript - executeonly Bypass with errorhandler Setup Exploit
2018-10-10
Free MP3 CD Ripper 2.8 - .wma Buffer Overflow (SEH) (DEP Bypass) Exploit
2018-10-10
Microsoft Edge Chakra JIT - Type Confusion Exploit
2018-10-10
Microsoft Edge Chakra JIT - BailOutOnInvalidatedArrayHeadSegment Check Bypass Exploit
2018-10-10
MicroTik RouterOS < 6.43rc3 - Remote Root
CVE-2018-14847
2018-10-10
Ektron CMS 9.20 SP2 - Improper Access Restrictions
CVE-2018-12596
2018-10-10
FileZilla 3.33 - Buffer Overflow (PoC)
2018-10-10
Virtualmin 6.03 Multiple Vulnerabilities
2018-10-10
ifwatchd - Privilege Escalation (Metasploit)
CVE-2014-2533
2018-10-09
Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (Metasploit)
CVE-2018-10594
2018-10-09
ghostscript - executeonly Bypass with errorhandler Setup
CVE-2018-17961
2018-10-09
Microsoft Edge Chakra JIT - Type Confusion
CVE-2018-8467
2018-10-09
Microsoft Edge Chakra JIT - 'BailOutOnInvalidatedArrayHeadSegment' Check Bypass
CVE-2018-8466
2018-10-09
net-snmp 5.7.3 - Denial of Service
CVE-2015-5621
2018-10-09
Wikidforum 2.20 - 'message_id' SQL Injection
2018-10-09
Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow Exploit
2018-10-09
ifwatchd Privilege Escalation Exploit
2018-10-09
Seqrite End Point Security 7.4 - Privilege Escalation
CVE-2018-17775
2018-10-09
Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass)
2018-10-09
Wikidforum 2.20 - 'select_sort' SQL Injection
2018-10-09
360 3.5.0.1033 - Sandbox Escape Exploit
2018-10-09
Wikidforum 2.20 Multiple SQL Injection Vulnerability
2018-10-09
Navigate CMS - Unauthenticated Remote Code Execution Exploit
2018-10-09
Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)
2018-10-09
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
2018-10-09
Linux Kernel - Pointer Leak via BPF Exploit
2018-10-09
Linux Kernel < 4.11.8 - mq_notify: double sock_put() Local Privilege Escalation
2018-10-09
Cisco Prime Infrastructure - Unauthenticated Remote Code Execution Exploit
2018-10-08
Android - sdcardfs Changes current->fs Without Proper Locking Exploit
2018-10-08
Git Submodule - Arbitrary Code Execution Vulnerability
2018-10-08
Imperva SecureSphere 13 - Remote Command Execution Exploit
2018-10-08
net-snmp 5.7.3 - Unauthenticated Denial of Service Exploit
2018-10-08
net-snmp 5.7.3 - Authenticated Denial of Service Exploit
2018-10-08
Microsoft Windows - Net-NTLMv2 Reflection DCOM/RPC (Metasploit)
CVE-2016-3225
2018-10-08
Navigate CMS - Unauthenticated Remote Code Execution (Metasploit)
CVE-2018-17552
2018-10-08
Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)
CVE-2018-17408
2018-10-08
Unitrends UEB - HTTP API Remote Code Execution (Metasploit)
CVE-2017-12478
2018-10-08
Android - sdcardfs Changes current->fs Without Proper Locking
CVE-2018-9515
2018-10-08
Linux - Kernel Pointer Leak via BPF
2018-10-08
Cisco Prime Infrastructure - Unauthenticated Remote Code Execution
CVE-2018-15379
2018-10-08
A Red Teamer’s guide to pivoting
2018-10-08
Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation
CVE-2017-11176
2018-10-08
Git Submodule - Arbitrary Code Execution
CVE-2018-17456
2018-10-08
net-snmp 5.7.3 - Authenticated Denial of Service (PoC)
2018-10-08
net-snmp 5.7.3 - Unauthenticated Denial of Service (PoC)
2018-10-08
Imperva SecureSphere 13 - Remote Command Execution
2018-10-08
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
2018-10-08
360 3.5.0.1033 - Sandbox Escape
2018-10-08
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure
2018-10-08
Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)
2018-10-08
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure Vulnerability
2018-10-07
Chamilo LMS 1.11.8 - firstname Cross-Site Scripting Vulnerability
2018-10-07
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure
2018-10-06
Chamilo LMS 1.11.8 - 'firstname' Cross-Site Scripting
2018-10-06
Chrome OS /sbin/crash_reporter Symlink Traversal Vulnerability
2018-10-06
Windows Net-NTLMv2 Reflection DCOM/RPC Exploit
2018-10-06
Unitrends UEB HTTP API Remote Code Execution Exploit
2018-10-06
Claromentis Discuss 1.2.1 Cross Site Scripting Vulnerability
2018-10-06
Chamilo LMS 1.11.8 - Cross-Site Scripting Vulnerability
2018-10-06
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin) Vulnerabilities
2018-10-06
Easy File Sharing Web Server 7.2 - Domain Name Buffer Overflow Exploit
2018-10-06
Chamilo LMS 1.11.8 - Cross-Site Scripting
2018-10-05
ISPConfig < 3.1.13 - Remote Command Execution
2018-10-05
D-Link Central WiFiManager Software Controller 1.03 - Multiple Vulnerabilities
CVE-2018-17440
2018-10-05
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin)
2018-10-05
ISPConfig Remote Command Execution Exploit
2018-10-05
DLink Central WiFiManager Software Controller Code Execution / XSS Exploit
2018-10-05
WordPress Pie Register 3.0.15 Cross Site Scripting Vulnerability
2018-10-05
Photo #Nettoyeur 1.4.5 Insecure File Permission Vulnerability
2018-10-05
Billion ADSL Router 400G 20151105641 - Cross-Site Scripting Vulnerability
2018-10-05
WUZHICMS 2.0 - Cross-Site Scripting Vulnerability
2018-10-05
Coaster CMS 5.5.0 - Cross-Site Scripting Vulnerability
2018-10-05
OPAC EasyWeb Five 5.7 - biblio SQL Injection Vulnerability
2018-10-05
OPAC EasyWeb Five 5.7 - nome SQL Injection Vulnerability
2018-10-05
Linux Kernel 2.6.x / 3.10.x / 4.14.x (x64) - Mutagen Astronomy Local Privilege Escalation Exploit
2018-10-05
Linux/x64 - Execute /bin/nc -lvp 9090 Shellcode (60 bytes)
2018-10-05
Flippa Marketplace Clone 1.0 - date_started SQL Injection Vulnerability
2018-10-05
Education Website 1.0 - subject SQL Injection Vulnerability
2018-10-05
Binary MLM Software 1.0 - pid SQL Injection Vulnerability
2018-10-05
Singleleg MLM Software 1.0 - msg_id SQL Injection Vulnerability
2018-10-05
Hotel Booking Engine 1.0 - h_room_type SQL Injection Vulnerability
2018-10-05
Linux/x64 - execve ("/bin/bash") Shellcode (27 bytes)
2018-10-05
Fork CMS 5.4.0 - Cross-Site Scripting Vulnerability
2018-10-05
H2 Database 1.4.196 - Remote Code Execution Exploit
2018-10-05
Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH) Exploit
2018-10-05
Snes9K 0.0.9z - Denial of Service (PoC) Exploit
2018-10-05
Linux/x64 - execve ("/bin/sh") Shellcode (24 bytes)
2018-10-05
Airties AIR5750 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5650 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5453 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5443v2 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5442 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5343v2 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5021 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
ManageEngine AssetExplorer 6.2.0 Cross Site Scripting Vulnerability
2018-10-05
Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation Vulnerabilities
2018-10-05
AppArmor Filesystem Blacklisting Bypass Vulnerability
2018-10-05
Seqrite End Point Security 7.4 Privilege Escalation Vulnerability
2018-10-05
Skype On Debian Microsoft Apt Repo Addition Vulnerability
2018-10-05
Microsoft Edge - Sandbox Escape Exploit
2018-10-05
PCProtect 4.8.35 - Privilege Escalation Vulnerability
2018-10-05
WebKit - WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded
2018-10-05
WebKit - WebCore::SVGTextLayoutAttributes::context Use-After-Free Exploit
2018-10-05
WebKit - WebCore::RenderLayer::updateDescendantDependentFlags Use-After-Free Exploit
2018-10-05
WebKit - WebCore::SVGTRefElement::updateReferencedText Use-After-Free Exploit
2018-10-05
WebKit - WebCore::RenderMultiColumnSet::updateMinimumColumnHeight Use-After-Free Exploit
2018-10-05
WebKit - WebCore::InlineTextBox::paint Out-of-Bounds Read Exploit
2018-10-05
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR) Exploit
2018-10-05
Linux/x86 - execve(/bin/sh) + NOT +SHIFT-N+ XOR-N Encoded Shellcode (50 bytes)
2018-10-05
virtualenv 16.0.0 - Sandbox Escape Vulnerability
2018-10-05
LayerBB Forum 1.1.1 - search_query SQL Injection Vulnerability
2018-10-05
FTP Voyager 16.2.0 - Denial of Service Exploit
2018-10-05
Airties AIR5342 1.0.0.18 - Cross-Site Scripting Vulnerability
2018-10-05
RICOH MP C1803 JPN Printer - Cross-Site Scripting Vulnerability
2018-10-05
PTC ThingWorx Password Disclosure / Cross Site Scripting Vulnerabilities
2018-10-05
Joomla Jimtawl 2.2.7 Component - id SQL Injection Vulnerability
2018-10-05
Zechat 1.5 - uname SQL Injection Vulnerability
2018-10-05
Wikindx 5.3.2 Multiple Cross-Site Scripting Vulnerability
2018-10-05
WebKit - WebCore::Node::ensureRareData Use-After-Free Exploit
2018-10-05
WebKit - WebCore::AXObjectCache::handleMenuItemSelected Use-After-Free Exploit
2018-10-05
WebKit - WebCore::SVGAnimateElementBase::resetAnimatedType Use-After-Free Exploit
2018-10-05
WordPress WebARX Website Firewall 4.9.8 XSS / Bypass Vulnerabilities
2018-10-05
WordPress Breadcrumb NavXT 6.1.0 Username Disclosure
2018-10-05
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR)
2018-10-04
LayerBB Forum 1.1.1 - 'search_query' SQL Injection
2018-10-04
Linux\x86 - (NOT +SHIFT-N+ XOR-N) + encoded (/bin/sh) Shellcode (50 byes)
2018-10-04
virtualenv 16.0.0 - Sandbox Escape
CVE-2018-17793
2018-10-04
FTP Voyager 16.2.0 - Denial of Service (PoC)
2018-10-03
RICOH MP C1803 JPN Printer - Cross-Site Scripting
CVE-2018-17310
2018-10-03
Airties AIR5342 1.0.0.18 - Cross-Site Scripting
CVE-2018-17587
2018-10-03
Joomla! Component Jimtawl 2.2.7 - 'id' SQL Injection
2018-10-03
Zechat 1.5 - 'uname' SQL Injection
2018-10-03
OPAC EasyWeb Five 5.7 - 'nome' SQL Injection
2018-10-02
Coaster CMS 5.5.0 - Cross-Site Scripting
2018-10-02
OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection
2018-10-02
Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise)
2018-10-01
Linux Kernel 2.6.x / 3.10.x / 4.14.x (RedHat / Debian / CentOS) (x64) - 'Mutagen Astronomy' Local Privilege Escalation
CVE-2018-14634
2018-10-01
Billion ADSL Router 400G 20151105641 - Cross-Site Scripting
2018-10-01
WUZHICMS 2.0 - Cross-Site Scripting
CVE-2018-17832
2018-10-01
Flippa Marketplace Clone 1.0 - 'date_started' SQL Injection
2018-10-01
Binary MLM Software 1.0 - 'pid' SQL Injection
2018-10-01
Singleleg MLM Software 1.0 - 'msg_id' SQL Injection
2018-10-01
Education Website 1.0 - 'subject' SQL Injection
2018-10-01
Hotel Booking Engine 1.0 - 'h_room_type' SQL Injection
2018-10-01
Fork CMS 5.4.0 - Cross-Site Scripting
2018-10-01
ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting
2018-10-01
H2 Database 1.4.196 - Remote Code Execution
2018-10-01
Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH)
2018-10-01
Snes9K 0.0.9z - Denial of Service (PoC)
2018-10-01
Microsoft Edge - Sandbox Escape
CVE-2018-8463
2018-09-28
PCProtect 4.8.35 - Privilege Escalation
2018-09-28
Rausoft ID.prove 2.95 - Username SQL injection Vulnerability
2018-09-27
Citrix StorageZones Controller Improper Access Restrictions / Traversal Exploit
2018-09-27
WordPress WP Insert 2.4.2 Arbitrary File Upload Vulnerability
2018-09-27
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting Vulnerability
2018-09-27
iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection Vulnerability
2018-09-27
EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation
2018-09-27
Rausoft ID.prove 2.95 - 'Username' SQL injection
2018-09-27
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting
2018-09-27
iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection
2018-09-27
CrossFont 7.5 - Denial of Service Exploit
2018-09-26
TransMac 12.2 - Denial of Service Exploit
2018-09-26
Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free #Shellcode (92 Bytes)
2018-09-26
Linux - #VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath Exploit
2018-09-26
Joomla Responsive Portfolio 1.6.1 Component - filter_order_Dir SQL Injection Vulnerability
2018-09-26
Joomla Timetable Schedule 3.6.8 Component - SQL Injection Vulnerability
2018-09-26
Linux - VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath
CVE-2018-17182
2018-09-26
Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)
2018-09-26
CrossFont 7.5 - Denial of Service (PoC)
2018-09-26
TransMac 12.2 - Denial of Service (PoC)
2018-09-26
Faleemi Desktop Software 1.8.2 - 'Device alias' Local Buffer Overflow (SEH)
2018-09-25
Joomla eXtroForms 2.1.5 Component - filter_type_id SQL Injection Vulnerability
2018-09-25
Joomla Music Collection 3.0.3 Component - SQL Injection Vulnerability
2018-09-25
Joomla Raffle Factory 3.5.2 Component - SQL Injection Vulnerability
2018-09-25
Joomla Dutch Auction Factory 2.0.2 Component - filter_order_Dir SQL Injection Vulnerability
2018-09-25
Joomla Article Factory Manager 4.3.9 Component - SQL Injection Vulnerability
2018-09-25
Joomla AlphaIndex Dictionaries 1.0 Component - SQL Injection Vulnerability
2018-09-25
Joomla Reverse Auction Factory 4.3.8 Component - SQL Injection Vulnerability
2018-09-25
Joomla Collection Factory 4.1.9 Component - SQL Injection Vulnerability
2018-09-25
Joomla Swap Factory 2.2.1 Component - SQL Injection Vulnerability
2018-09-25
Joomla Social Factory 3.8.3 Component - SQL Injection Vulnerability
2018-09-25
Joomla Jobs Factory 2.0.4 Component - SQL Injection Vulnerability
2018-09-25
Joomla Questions 1.4.3 Component - SQL Injection Vulnerability
2018-09-25
Joomla Penny Auction Factory 2.0.4 Component - SQL Injection Vulnerability
2018-09-25
Super Cms Blog Pro 1.0 - SQL Injection Vulnerability
2018-09-25
Easy PhoroResQ 1.0 - Buffer Overflow Exploit
2018-09-25
Joomla! Component Responsive Portfolio 1.6.1 - 'filter_order_Dir' SQL Injection
2018-09-25
RICOH MP C406Z Printer - Cross-Site Scripting
2018-09-25
WebKit - 'WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded' Use-After-Free
CVE-2018-4197
2018-09-25
WebKit - 'WebCore::SVGTextLayoutAttributes::context' Use-After-Free
CVE-2018-4318
2018-09-25
RICOH MP 305+ Printer - Cross-Site Scripting
2018-09-25
WebKit - 'WebCore::RenderLayer::updateDescendantDependentFlags' Use-After-Free
CVE-2018-4317
2018-09-25
WebKit - 'WebCore::SVGTRefElement::updateReferencedText' Use-After-Free
CVE-2018-4315
2018-09-25
WebKit - 'WebCore::RenderMultiColumnSet::updateMinimumColumnHeight' Use-After-Free
CVE-2018-4323
2018-09-25
WebKit - 'WebCore::InlineTextBox::paint' Out-of-Bounds Read
CVE-2018-4328
2018-09-25
WebKit - 'WebCore::Node::ensureRareData' Use-After-Free
CVE-2018-4306
2018-09-25
WebKit - 'WebCore::AXObjectCache::handleMenuItemSelected' Use-After-Free
CVE-2018-4312
2018-09-25
WebKit - 'WebCore::SVGAnimateElementBase::resetAnimatedType' Use-After-Free
CVE-2018-4314
2018-09-25
Solaris - 'EXTREMEPARR' dtappgather Privilege Escalation (Metasploit)
CVE-2017-3622
2018-09-25
Joomla! Component Timetable Schedule 3.6.8 - SQL Injection
CVE-2018-17394
2018-09-25
Joomla! Component Article Factory Manager 4.3.9 - SQL Injection
CVE-2018-17380
2018-09-25
Joomla! Component AlphaIndex Dictionaries 1.0 - SQL Injection
CVE-2018-17397
2018-09-25
Joomla! Component Reverse Auction Factory 4.3.8 - SQL Injection
CVE-2018-17376
2018-09-25
Joomla! Component Collection Factory 4.1.9 - SQL Injection
CVE-2018-17383
2018-09-25
Joomla! Component Swap Factory 2.2.1 - SQL Injection
CVE-2018-17384
2018-09-25
Joomla Component eXtroForms 2.1.5 - 'filter_type_id' SQL Injection
2018-09-25
RICOH MP C6503 Plus Printer - Cross-Site Scripting
2018-09-25
Joomla! Component Social Factory 3.8.3 - SQL Injection
CVE-2018-17385
2018-09-25
Joomla! Component Jobs Factory 2.0.4 - SQL Injection
CVE-2018-17382
2018-09-25
Joomla! Component Questions 1.4.3 - SQL Injection
CVE-2018-17377
2018-09-25
Easy PhoroResQ 1.0 - Buffer Overflow
2018-09-25
Joomla! Component Penny Auction Factory 2.0.4 - SQL Injection
CVE-2018-17378
2018-09-25
Joomla! Component Music Collection 3.0.3 - SQL Injection
CVE-2018-17375
2018-09-25
Joomla! Component Raffle Factory 3.5.2 - SQL Injection
CVE-2018-17379
2018-09-25
Super Cms Blog Pro 1.0 - SQL Injection
CVE-2018-17391
2018-09-25
Joomla! Component Dutch Auction Factory 2.0.2 - 'filter_order_Dir' SQL Injection
2018-09-25
RICOH MP C2003 Printer - Cross-Site Scripting
2018-09-25
RICOH MP C307 Printer Cross Site Scripting Vulnerability
2018-09-25
RICOH MP 305+ Printer Cross Site Scripting Vulnerability
2018-09-25
RICOH MP C6503 Plus Printer Cross Site Scripting Vulnerability
2018-09-25
RICOH MP C406Z Printer Cross Site Scripting Vulnerability
2018-09-25
RICOH MP C2003 Printer Cross Site Scripting Vulnerability
2018-09-25
RICOH MP C1803 JPN Printer Cross Site Scripting Vulnerability
2018-09-25
Solaris EXTREMEPARR dtappgather Privilege Escalation Exploit
2018-09-25
EE 4GEE Mini Local Privilege Escalation Vulnerability
2018-09-25
Postman 6.3.0 Improper Certificate Validation Vulnerability
2018-09-25
RICOH MP C6003 Printer - Cross-Site Scripting Vulnerability
2018-09-24
RICOH Aficio MP 301 Printer - Cross-Site Scripting Vulnerability
2018-09-24
Beyond Remote 2.2.5.3 - Denial of Service Exploit
2018-09-24
SoftX FTP Client 3.3 - Denial of Service Exploit
2018-09-24
Termite 3.4 - Denial of Service Exploit
2018-09-24
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve Shellcode (52 Bytes)
2018-09-24
Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)
2018-09-24
Joomla Auction Factory 4.5.5 Component - filter_order SQL Injection Vulnerability
2018-09-24
RICOH MP C6003 Printer - Cross-Site Scripting
2018-09-24
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (52 Bytes)
2018-09-24
Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)
2018-09-24
Beyond Remote 2.2.5.3 - Denial of Service (PoC)
2018-09-24
Joomla Micro Deal Factory 2.4.0 Component - id SQL Injection Vulnerability
2018-09-24
Joomla AMGallery 1.2.3 Component - filter_category_id SQL Injection Exploit
2018-09-24
LG SuperSign EZ CMS 2.5 - Remote Code Execution Exploit
2018-09-24
Joomla CW Article Attachments 1.0.6 - id SQL Injection Vulnerability
2018-09-24
Collectric CMU 1.0 - lang SQL injection Vulnerability
2018-09-24
Navigate CMS 2.8 - Cross-Site Scripting Vulnerability
2018-09-24
udisks2 2.8.0 - Denial of Service Vulnerability
2018-09-24
Antidote 9.5.1 Code Execution Exploit
2018-09-24
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation Exploit
2018-09-24
Staubli Jacquard Industrial System JC6 Shellshock Vulnerability
2018-09-24
WordPress FV Flowplayer 7.2.0.727 Cross Site Scripting Vulnerability
2018-09-24
MyBB Visual Editor 1.8.18 Cross Site Scripting Vulnerability
2018-09-24
WebRTC - FEC Out-of-Bounds Read Exploit
2018-09-24
WebRTC - VP9 Processing Use-After-Free Exploit
2018-09-24
mgetty 1.2.0 Buffer Overflow / Privilege Escalation Vulnerabilities
2018-09-24
HylaFAX 6.0.6 / 5.6.0 Uninitialized Pointer / Out Of Bounds Write Vulnerabilities
2018-09-24
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) Exploit
2018-09-24
Telegram Desktop 1.3.14 denial of service Vulnerability
2018-09-24
Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)
2018-09-24
LimeSurvey 3.14.7 Cross Site Scripting Vulnerability
2018-09-24
ManageEngine Desktop Central 10.0.271 Cross Site Scripting Vulnerability
2018-09-24
ManageEngine SupportCenter Plus 8.1.0 Cross Site Scripting Vulnerability
2018-09-24
LG SuperSign EZ CMS 2.5 - Local File Inclusion Vulnerability
2018-09-24
Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege Exploit
2018-09-24
Microsoft Windows - CiSetFileCache WDAC Security Feature Bypass TOCTOU Exploit
2018-09-24
WordPress Wechat Broadcast 1.2.0 Plugin - Local File Inclusion Vulnerability
2018-09-24
WordPress Localize My Post 1.0 Plugin - Local File Inclusion Vulnerability
2018-09-24
Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting Vulnerability
2018-09-24
Western Digital My Cloud Authentication Bypass Vulnerability
2018-09-24
Moodle 3.x PHP Unserialize Remote Code Execution Exploit
2018-09-24
Solaris libnspr NSPR_LOG_FILE Privilege Escalation Exploit
2018-09-24
Faleemi Plus 1.0.2 - Denial of Service Exploit
2018-09-24
InfraRecorder 0.53 - (.txt) Denial of Service Exploit
2018-09-24
CdBurnerXP 4.5.8.6795 - File Name Denial of Service Exploit
2018-09-24
TeamViewer App 13.0.100.0 - Denial of Service Exploit
2018-09-24
MediaTek Wirless Utility rt2870 - Denial of Service Exploit
2018-09-24
Clone2Go Video to iPod Converter 2.5.0 - Denial of Service Exploit
2018-09-24
Apple macOS 10.13.4 - Denial of Service Exploit
2018-09-24
Infiltrator Network Security Scanner 4.6 - Denial of Service Exploit
2018-09-24
PDF Explorer 1.5.66.2 - Denial of Service Exploit
2018-09-24
iCash 7.6.5 - Denial of Service Exploit
2018-09-24
PicaJet FX 2.6.5 - Denial of Service Exploit
2018-09-24
RoboImport 1.2.0.72 - Denial of Service Exploit
2018-09-24
PixGPS 1.1.8 - Denial of Service Exploit
2018-09-24
WordPress Arigato Autoresponder And Newsletter 2.5 SQL Injection / XSS Vulnerabilities
2018-09-24
Microsoft Edge Chakra PathTypeHandlerBase::SetAttributesHelper Type Confusion Exploit
2018-09-24
Microsoft Edge Chakra JIT localeCompare Type Confusion Exploit
2018-09-24
Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)
2018-09-24
Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Exploit
2018-09-24
NUUO NVRMini2 3.8 - cgi_system Buffer Overflow (Enable Telnet) Exploit
2018-09-24
CA Release Automation NiMi 6.5 - Remote Command Execution Exploit
2018-09-24
jiNa OCR Image to Text 1.0 - Denial of Service Exploit
2018-09-24
XAMPP Control Panel 3.2.2 - Denial of Service Exploit
2018-09-24
Notebook Pro 2.0 - Denial Of Service Exploit
2018-09-24
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting Vulnerability
2018-09-24
Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection
2018-09-24
SoftX FTP Client 3.3 - Denial of Service (PoC)
2018-09-24
RICOH Aficio MP 301 Printer - Cross-Site Scripting
2018-09-24
Termite 3.4 - Denial of Service (PoC)
2018-09-24
Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection
2018-09-24
Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection
2018-09-24
udisks2 2.8.0 - Denial of Service (PoC)
2018-09-24
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
CVE-2018-17128
2018-09-24
LG SuperSign EZ CMS 2.5 - Remote Code Execution
CVE-2018-17173
2018-09-24
Joomla! CW Article Attachments 1.0.6 - 'id' SQL Injection
CVE-2018-14592
2018-09-24
Collectric CMU 1.0 - 'lang' SQL injection
2018-09-24
Navigate CMS 2.8 - Cross-Site Scripting
CVE-2018-17255
2018-09-24
WebRTC - FEC Out-of-Bounds Read
CVE-2018-16083
2018-09-21
WebRTC - VP9 Processing Use-After-Free
CVE-2018-16071
2018-09-21
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)
2018-09-20
Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)
2018-09-20
LG SuperSign EZ CMS 2.5 - Local File Inclusion
CVE-2018-16288
2018-09-19
WordPress Plugin Localize My Post 1.0 - Local File Inclusion
2018-09-19
WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion
2018-09-19
Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting
CVE-2018-16736
2018-09-19
Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege
CVE-2018-8410
2018-09-19
Microsoft Windows - 'CiSetFileCache' WDAC Security Feature Bypass TOCTOU
CVE-2018-8449
2018-09-19
WordPress Plugin Arigato Autoresponder and Newsletter 2.5 - Blind SQL Injection / Reflected Cross-Site Scripting
CVE-2018-1002000
2018-09-18
Solaris - libnspr NSPR_LOG_FILE Privilege Escalation (Metasploit)
CVE-2006-4842
2018-09-18
Microsoft Edge Chakra JIT - 'localeCompare' Type Confusion
CVE-2018-8355
2018-09-18
Microsoft Edge Chakra - 'PathTypeHandlerBase::SetAttributesHelper' Type Confusion
CVE-2018-8384
2018-09-18
Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution
2018-09-18
NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)
2018-09-18
Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)
2018-09-18
Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service Exploit
2018-09-17
Joomla JCK Editor 6.4.4 Component - parent SQL Injection Vulnerability
2018-09-17
CA Release Automation NiMi 6.5 - Remote Command Execution
2018-09-17