|
Orchard Core RC1 - Persistent Cross-Site Scripting
|
|
2020-05-12
|
|
Phase Botnet - Blind SQL Injection
|
|
2020-05-12
|
|
LibreNMS 1.46 - 'search' SQL Injection
|
|
2020-05-11
|
|
Complaint Management System 1.0 - Authentication Bypass
|
|
2020-05-11
|
|
Victor CMS 1.0 - 'post' SQL Injection
|
|
2020-05-11
|
|
OpenZ ERP 3.6.60 - Persistent Cross-Site Scripting
|
|
2020-05-11
|
|
SolarWinds MSP PME Cache Service 1.1.14 - Insecure File Permissions
|
|
2020-05-11
|
|
CuteNews 2.1.2 - Arbitrary File Deletion
|
|
2020-05-11
|
|
Sentrifugo CMS 3.2 - Persistent Cross-Site Scripting
|
|
2020-05-11
|
|
Kartris 1.6 - Arbitrary File Upload
|
|
2020-05-11
|
|
Online AgroCulture Farm Management System 1.0 - 'uname' SQL Injection
|
|
2020-05-11
|
|
Pi-hole < 4.4 - Remote Code Execution / Privileges Escalation
|
|
2020-05-11
|
|
Pi-hole < 4.4 - Remote Code Execution
|
|
2020-05-11
|
|
Extreme Networks Aerohive HiveOS 11.0 - Remote Denial of Service (PoC)
|
|
2020-05-08
|
|
Online AgroCulture Farm Management System 1.0 - 'pid' SQL Injection
|
|
2020-05-07
|
|
Pisay Online E-Learning System 1.0 - Remote Code Execution
|
|
2020-05-07
|
|
Online Clothing Store 1.0 - Arbitrary File Upload
|
|
2020-05-07
|
|
School File Management System 1.0 - 'username' SQL Injection
|
|
2020-05-07
|
|
Draytek VigorAP 1000C - Persistent Cross-Site Scripting
|
|
2020-05-07
|
|
Car Park Management System 1.0 - Authentication Bypass
|
|
2020-05-07
|
|
FlashGet 1.9.6 - Denial of Service (PoC)
|
|
2020-05-07
|
|
MPC Sharj 3.11.1 - Arbitrary File Download
|
|
2020-05-06
|
|
YesWiki cercopitheque 2020.04.18.1 - 'id' SQL Injection
|
|
2020-05-06
|
|
GitLab 12.9.0 - Arbitrary File Read
|
|
2020-05-06
|
|
webTareas 2.0.p8 - Arbitrary File Deletion
|
|
2020-05-06
|
|
Online Clothing Store 1.0 - 'username' SQL Injection
|
|
2020-05-06
|
|
Booked Scheduler 2.7.7 - Authenticated Directory Traversal
|
|
2020-05-06
|
|
i-doit Open Source CMDB 1.14.1 - Arbitrary File Deletion
|
|
2020-05-06
|
|
Online Clothing Store 1.0 - Persistent Cross-Site Scripting
|
|
2020-05-06
|
|
NEC Electra Elite IPK II WebPro 01.03.01 - Session Enumeration
|
|
2020-05-05
|
|
SimplePHPGal 0.7 - Remote File Inclusion
|
|
2020-05-05
|
|
PhreeBooks ERP 5.2.5 - Remote Command Execution
|
|
2020-05-05
|
|
BlogEngine 3.3 - 'syndication.axd' XML External Entity Injection
|
|
2020-05-05
|
|
Saltstack 3000.2 - Remote Code Execution
|
|
2020-05-05
|
|
webERP 4.15.1 - Unauthenticated Backup File Access
|
|
2020-05-05
|
|
Online Scheduling System 1.0 - 'username' SQL Injection
|
|
2020-05-05
|
|
Oracle Database 11g Release 2 - 'OracleDBConsoleorcl' Unquoted Service Path
|
|
2020-05-05
|
|
Fishing Reservation System 7.5 - 'uid' SQL Injection
|
|
2020-05-05
|
|
addressbook 9.0.0.1 - 'id' SQL Injection
|
|
2020-05-04
|
|
Frigate 3.36 - Buffer Overflow (SEH)
|
|
2020-05-04
|
|
Outline Service 1.3.3 - 'Outline Service ' Unquoted Service Path
|
|
2020-05-04
|
|
osTicket 1.14.1 - Persistent Authenticated Cross-Site Scripting
|
|
2020-05-04
|
|
BoltWire 6.03 - Local File Inclusion
|
|
2020-05-04
|
|
Apache Shiro 1.2.4 - Cookie RememberME Deserial RCE (Metasploit)
|
|
2020-05-01
|
|
Online Scheduling System 1.0 - Authentication Bypass
|
|
2020-05-01
|
|
Apache OFBiz 17.12.03 - Cross-Site Request Forgery (Account Takeover)
|
|
2020-05-01
|
|
HardDrive 2.1 for iOS - Arbitrary File Upload
|
|
2020-05-01
|
|
Super Backup 2.0.5 for iOS - Directory Traversal
|
|
2020-05-01
|
|
php-fusion 9.03.50 - Persistent Cross-Site Scripting
|
|
2020-05-01
|
|
Online Scheduling System 1.0 - Persistent Cross-Site Scripting
|
|
2020-05-01
|