|
Event Calendar 3.7.4 - 'id' SQL Injection
|
|
2019-01-10
|
|
MLMPro 1.0 - SQL Injection
|
|
2019-01-10
|
|
Architectural 1.0 - 'email' SQL Injection
|
|
2019-01-10
|
|
Shield CMS 2.2 - 'email' SQL Injection
|
|
2019-01-10
|
|
doitX 1.0 - 'search' SQL Injection
|
|
2019-01-10
|
|
Matrix MLM Script 1.0 - Information Disclosure
|
|
2019-01-10
|
|
eBrigade ERP 4.5 - Arbitrary File Download
|
|
2019-01-10
|
|
PEAR Archive_Tar < 1.4.4 - PHP Object Injection
|
|
2019-01-10
|
|
RGui 3.5.0 - Local Buffer Overflow (SEH)(DEP Bypass)
|
|
2019-01-10
|
|
BlogEngine 3.3 - XML External Entity Injection
|
|
2019-01-09
|
|
polkit - Temporary auth Hijacking via PID Reuse and Non-atomic Fork
|
|
2019-01-09
|
|
Microsoft Windows - DSSVC CheckFilePermission Arbitrary File Deletion
|
|
2019-01-09
|
|
Linux/x86 - wget chmod execute over execve /bin/sh -c Shellcode (119 bytes)
|
|
2019-01-09
|
|
ZTE MF65 BD_HDV6MF65V1.0.0B05 - Cross-Site Scripting
|
|
2019-01-09
|
|
Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit)
|
|
2019-01-09
|
|
Heatmiser Wifi Thermostat 1.7 - Cross-Site Request Forgery (Update Admin)
|
|
2019-01-09
|
|
Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC)
|
|
2019-01-09
|
|
Microsoft Windows - Windows Error Reporting Local Privilege Escalation
|
|
2019-01-09
|
|
MDwiki < 0.6.2 - Cross-Site Scripting
|
|
2019-01-09
|
|
Wireshark - 'get_t61_string' Heap Out-of-Bounds Read
|
|
2019-01-08
|
|
Dolibarr ERP-CRM 8.0.4 - 'rowid' SQL Injection
|
|
2019-01-08
|
|
CF Image Hosting Script 1.6.5 - (Delete all Pictures) Privilege Escalation
|
|
2019-01-08
|
|
KioWare Server Version 4.9.6 - Weak Folder Permissions Privilege Escalation
|
|
2019-01-07
|
|
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)
|
|
2019-01-07
|
|
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - JS/HTML Code Injection
|
|
2019-01-07
|
|
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - Cross-Site Request Forgery
|
|
2019-01-07
|
|
Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)
|
|
2019-01-07
|
|
SpotFTP Password Recover 2.4.2 - 'Name' Denial of Service (PoC)
|
|
2019-01-07
|
|
BlueAuditor 1.7.2.0 - 'Key' Denial of Service (PoC)
|
|
2019-01-07
|
|
Ajera Timesheets 9.10.16 - Deserialization of Untrusted Data
|
|
2019-01-07
|
|
Roxy Fileman 1.4.5 - Unrestricted File Upload / Directory Traversal
|
|
2019-01-07
|
|
MyT Project Management 1.5.1 - 'Charge[group_total]' SQL Injection
|
|
2019-01-07
|
|
Wordpress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation
|
|
2019-01-07
|
|
phpMoAdmin MongoDB GUI 1.1.5 - Cross-Site Request Forgery / Cross-Site Scripting
|
|
2019-01-07
|
|
PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Scripting
|
|
2019-01-07
|
|
MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting
|
|
2019-01-07
|
|
LayerBB 1.1.1 - Persistent Cross-Site Scripting
|
|
2019-01-07
|
|
Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference
|
|
2019-01-07
|
|
All in One Video Downloader 1.2 - Authenticated SQL Injection
|
|
2019-01-07
|
|
Embed Video Scripts - Persistent Cross-Site Scripting
|
|
2019-01-07
|
|
Mailcleaner - Authenticated Remote Code Execution (Metasploit)
|
|
2019-01-07
|
|
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
|
|
2019-01-02
|
|
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)
|
|
2019-01-02
|
|
WebKit JSC - 'JSArray::shiftCountWithArrayStorage' Out-of-Bounds Read/Write
|
|
2019-01-02
|
|
WebKit JSC - 'AbstractValue::set' Use-After-Free
|
|
2019-01-02
|
|
Ayukov NFTP FTP Client 2.0 - Buffer Overflow
|
|
2019-01-02
|
|
NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)
|
|
2019-01-02
|
|
EZ CD Audio Converter 8.0.7 - Denial of Service (PoC)
|
|
2019-01-02
|
|
Frog CMS 0.9.5 - Cross-Site Scripting
|
|
2019-01-02
|
|
WordPress Plugin Adicon Server 1.2 - 'selectedPlace' SQL Injection
|
|
2019-01-02
|