|
Plone CMS 5.2.3 - 'Title' Stored XSS
|
|
2021-03-29
|
|
Hestia Control Panel 1.3.2 - Arbitrary File Write
|
|
2021-03-29
|
|
SEO Panel 4.8.0 - 'order_col' Blind SQL Injection
|
|
2021-03-29
|
|
rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated)
|
|
2021-03-29
|
|
Sony Playstation 4 (PS4) < 7.55 - 'Jailbreak' Webkit / Kernel Loader 'SOCK_RAW' 'IP6_EXTHDR_CHECK'
|
|
2021-03-29
|
|
Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon)
|
|
2021-03-29
|
|
VestaCP 0.9.8 - 'v_interface' Add IP Stored XSS
|
|
2021-03-29
|
|
VFS for Git 1.0.21014.1 - 'GVFS.Service' Unquoted Service Path
|
|
2021-03-29
|
|
FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow (ASLR & DEP Bypass)
|
|
2021-03-29
|
|
VestaCP 0.9.8 - File Upload CSRF
|
|
2021-03-29
|
|
Breaking the Business Logic - Paper
|
|
2021-03-29
|
|
WoWonder Social Network Platform 3.1 - 'event_id' SQL Injection
|
|
2021-03-29
|
|
GeoGebra 3D Calculator 5.0.511.0 - Denial of Service (PoC)
|
|
2021-03-29
|
|
GeoGebra CAS Calculator 6.0.631.0 - Denial of Service (PoC)
|
|
2021-03-29
|
|
GeoGebra Classic 5.0.631.0-d - Denial of Service (PoC)
|
|
2021-03-29
|
|
GeoGebra Graphing Calculator 6.0.631.0 - Denial Of Service (PoC)
|
|
2021-03-29
|
|
Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution (File Upload + SQL injection)
|
|
2021-03-29
|
|
SonLogger 4.2.3.3 - Unauthenticated Arbitrary File Upload (Metasploit)
|
|
2021-03-29
|
|
Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure
|
|
2021-03-29
|
|
openMAINT openMAINT 2.1-3.3-b - 'Multiple' Persistent Cross-Site Scripting
|
|
2021-03-29
|
|
Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path
|
|
2021-03-29
|
|
eBeam education suite 2.5.0.9 - 'eBeam Device Service' Unquoted Service Path
|
|
2021-03-29
|
|
Realtek Wireless LAN Utility 700.1631 - 'Realtek11nSU' Unquoted Service Path
|
|
2021-03-29
|
|
QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path
|
|
2021-03-29
|
|
rConfig 3.9.6 - 'path' Local File Inclusion (Authenticated)
|
|
2021-03-29
|
|
MagpieRSS 0.72 - 'url' Command Injection and Server Side Request Forgery
|
|
2021-03-29
|
|
Zenario CMS 8.8.53370 - 'id' Blind SQL Injection
|
|
2021-03-29
|
|
Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths
|
|
2021-03-29
|
|
Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated)
|
|
2021-03-29
|
|
Monitoring System (Dashboard) 1.0 - 'uname' SQL Injection
|
|
2021-03-29
|
|
Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service (PoC)
|
|
2021-03-29
|
|
Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) (PoC)
|
|
2021-03-29
|
|
MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting
|
|
2021-03-29
|
|
NuCom 11N Wireless Router 5.07.90 - Remote Privilege Escalation
|
|
2021-03-29
|
|
Atlassian JIRA 8.11.1 - User Enumeration
|
|
2021-03-29
|
|
bVPN 2.5.1 - 'waselvpnserv' Unquoted Service Path
|
|
2021-03-09
|
|
Sandboxie Plus v0.7.2 - 'SbieSvc' Unquoted Service Path
|
|
2021-03-09
|
|
FreeLAN 2.2 - 'FreeLAN Service' Unquoted Service Path
|
|
2021-03-09
|
|
Golden FTP Server 4.70 - 'PASS' Buffer Overflow (2)
|
|
2021-03-09
|
|
GLPI 9.5.3 - 'fromtype' Unsafe Reflection
|
|
2021-03-08
|
|
Joomla JCK Editor 6.4.4 - 'parent' SQL Injection (2)
|
|
2021-03-08
|
|
Pingzapper 2.3.1 - 'PingzapperSvc' Unquoted Service Path
|
|
2021-03-08
|
|
Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated)
|
|
2021-03-08
|
|
Configuration Tool 1.6.53 - 'OpLclSrv' Unquoted Service Path
|
|
2021-03-08
|
|
Print Job Accounting 4.4.10 - 'OkiJaSvc' Unquoted Service Path
|
|
2021-03-08
|
|
Fluig 1.7.0 - Path Traversal
|
|
2021-03-05
|
|
CatDV 9.2 - RMI Authentication Bypass
|
|
2021-03-05
|
|
Textpattern 4.8.3 - Remote code execution (Authenticated) (2)
|
|
2021-03-04
|
|
Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection (Authenticated)
|
|
2021-03-04
|
|
Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated)
|
|
2021-03-04
|