Exploits (Total: 97839)

    
    
    
ForensiTAppxService 2.2.0.4 - 'ForensiTAppxService.exe' Unquoted Service Path
2020-09-21
BlackCat CMS 1.3.6 - Cross-Site Request Forgery
2020-09-21
Online Shop Project 1.0 - 'p' SQL Injection
2020-09-21
Mantis Bug Tracker 2.3.0 - Remote Code Execution (Unauthenticated)
2020-09-18
SpamTitan 7.07 - Remote Code Execution (Authenticated)
2020-09-18
Microsoft SQL Server Reporting Services 2016 - Remote Code Execution
2020-09-17
Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software
2020-09-16
Piwigo 2.10.1 - Cross Site Scripting
2020-09-16
Tailor MS 1.0 - Reflected Cross-Site Scripting
2020-09-16
ThinkAdmin 6 - Arbitrarily File Read
2020-09-16
Joomla! paGO Commerce 2.5.9.0 - SQL Injection (Authenticated)
2020-09-16
Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path
2020-09-16
RAD SecFlow-1v SF_0290_2.3.01.26 - Cross-Site Request Forgery (Reboot)
2020-09-16
Rapid7 Nexpose Installer 6.6.39 - 'nexposeengine' Unquoted Service Path
2020-09-16
RAD SecFlow-1v SF_0290_2.3.01.26 - Persistent Cross-Site Scripting
2020-09-16
Internet Explorer 11 - Use-After-Free
2020-09-16
Tea LaTex 1.0 - Remote Code Execution (Unauthenticated)
2020-09-16
VTENEXT 19 CE - Remote Code Execution
2020-09-16
Gnome Fonts Viewer 3.34.0 - Heap Corruption
2020-09-16
ZTE Router F602W - Captcha Bypass
2020-09-16
CuteNews 2.1.2 - Remote Code Execution
2020-09-16
Tiandy IPC and NVR 9.12.7 - Credential Disclosure
2020-09-16
Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery (change admin password)
2020-09-16
Tailor Management System - 'id' SQL Injection
2020-09-16
Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)
2020-09-16
Input Director 1.4.3 - 'Input Director' Unquoted Service Path
2020-09-16
ShareMouse 5.0.43 - 'ShareMouse Service' Unquoted Service Path
2020-09-08
ManageEngine Applications Manager 14700 - Remote Code Execution (Authenticated)
2020-09-07
grocy 2.7.1 - Persistent Cross-Site Scripting
2020-09-07
Cabot 0.11.12 - Persistent Cross-Site Scripting
2020-09-07
Nord VPN-6.31.13.0 - 'nordvpn-service' Unquoted Service Path
2020-09-04
BarracudaDrive v6.5 - Insecure Folder Permissions
2020-09-03
SiteMagic CMS 4.4.2 - Arbitrary File Upload (Authenticated)
2020-09-03
Daily Tracker System 1.0 - Authentication Bypass
2020-09-03
BloodX CMS 1.0 - Authentication Bypass
2020-09-03
Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting
2020-09-03
Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)
2020-09-02
moziloCMS 2.0 - Persistent Cross-Site Scripting (Authenticated)
2020-09-01
Mara CMS 7.5 - Remote Code Execution (Authenticated)
2020-09-01
CMS Made Simple 2.2.14 - Arbitrary File Upload (Authenticated)
2020-08-31
Fuel CMS 1.4.8 - 'fuel_replace_id' SQL Injection (Authenticated)
2020-08-31
Mara CMS 7.5 - Reflective Cross-Site Scripting
2020-08-31
BlazeDVD 7.0 Professional - '.plf' Local Buffer Overflow (SEH,ASLR,DEP)
2020-08-31
Online Book Store 1.0 - 'id' SQL Injection
2020-08-31
Eibiz i-Media Server Digital Signage 3.8.0 - Privilege Escalation
2020-08-28
SymphonyCMS 3.0.0 - Persistent Cross-Site Scripting
2020-08-28
Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting
2020-08-28
Online Shopping Alphaware 1.0 - 'id' SQL Injection
2020-08-28
Wordpress Plugin Autoptimize 2.7.6 - Arbitrary File Upload (Authenticated)
2020-08-27
ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow (DEP,ASLR Bypass) (PoC)
2020-08-27
Mida eFramework 2.9.0 - Remote Code Execution
2020-08-27
Eibiz i-Media Server Digital Signage 3.8.0 - Directory Traversal
2020-08-26
Ericom Access Server x64 9.2.0 - Server-Side Request Forgery
2020-08-26
Eibiz i-Media Server Digital Signage 3.8.0 - Configuration Disclosure
2020-08-24
Eibiz i-Media Server Digital Signage 3.8.0 - Authentication Bypass
2020-08-24
LimeSurvey 4.3.10 - 'Survey Menu' Persistent Cross-Site Scripting
2020-08-24
vBulletin 5.1.2 < 5.1.9 - Unserialize Code Execution (Metasploit)
2020-08-23
Seowon SlC 130 Router - Remote Code Execution
2020-08-23
Complaint Management System 1.0 - 'cid' SQL Injection
2020-08-23
PNPSCADA 2.200816204020 - 'interf' SQL Injection (Authenticated)
2020-08-23
ElkarBackup 1.3.3 - Persistent Cross-Site Scripting
2020-08-23
Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal
2020-08-19
Savsoft Quiz 5 - Stored Cross-Site Scripting
2020-08-18
Pharmacy Medical Store and Sale Point 1.0 - 'catid' SQL Injection
2020-08-18
QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution (Unauthenticated)
2020-08-17
QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Disclosure
2020-08-17
QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Deletion
2020-08-17
QiHang Media Web Digital Signage 3.0.9 - Cleartext Credential Disclosure
2020-08-17
Microsoft SharePoint Server 2019 - Remote Code Execution
2020-08-17
Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass
2020-08-17
GetSimple CMS Plugin Multi User 1.8.2 - Cross-Site Request Forgery (Add Admin)
2020-08-14
Artica Proxy 4.3.0 - Authentication Bypass
2020-08-14
vBulletin 5.6.2 - 'widget_tabbedContainer_tab_panel' Remote Code Execution
2020-08-14
CMS Made Simple 2.2.14 - Authenticated Arbitrary File Upload
2020-08-14
Fuel CMS 1.4.7 - 'col' SQL Injection (Authenticated)
2020-08-14
BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path
2020-08-14
ManageEngine ADSelfService Build prior to 6003 - Remote Code Execution (Unauthenticated)
2020-08-14
Warehouse Inventory System 1.0 - Cross-Site Request Forgery (Change Admin Password)
2020-08-14
Daily Expenses Management System 1.0 - 'item' SQL Injection
2020-08-14
All-Dynamics Digital Signage System 2.0.2 - Cross-Site Request Forgery (Add Admin)
2020-08-14
CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path
2020-08-14
Victor CMS 1.0 - 'Search' SQL Injection
2020-08-14
Stock Management System 1.0 - Authentication Bypass
2020-08-14
QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service (PoC)
2020-08-14
ACTi NVR3 Standard or Professional Server 3.0.12.42 - Denial of Service (PoC)
2020-08-14
Daily Expenses Management System 1.0 - 'username' SQL Injection
2020-08-14
RTSP for iOS 1.0 - 'IP Address' Denial of Service (PoC)
2020-08-14
Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service (PoC)
2020-08-14
Pi-hole 4.3.2 - Remote Code Execution (Authenticated)
2020-08-14
Online Shopping Alphaware 1.0 - Authentication Bypass
2020-07-30
Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting
2020-07-29
Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion
2020-07-29
Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion
2020-07-29
eGroupWare 1.14 - 'spellchecker.php' Remote Command Execution
2020-07-29
docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)
2020-07-29
Windows/x86 - Download using mshta.exe Shellcode (100 bytes)
2020-07-29
Rails 5.0.1 - Remote Code Execution
2020-07-29
Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting
2020-07-29
pfSense 2.4.4-p3 - Cross-Site Request Forgery
2020-07-29
Socket.io-file 2.0.31 - Arbitrary File Upload
2020-07-29
Exploits/page:


Page:
1-4-2 (www01)