Ubiquiti Networks UniFi Cloud Key Command Injection Vulnerability
|
|
2017-10-13
|
SilverStrip CMS 3.5.3 Cross Site Scripting Vulnerability
|
|
2017-10-13
|
SAP E-Recruiting Email Verification Bypass Vulnerability
|
|
2017-10-13
|
ZScada Modbus Buffer 2.0 - Stack-Based Buffer Overflow Exploit
|
|
2017-10-13
|
Trend Micro Control Manager - ImportFile Directory Traversal RCE Exploit
|
|
2017-10-13
|
Viap Automation WinPLC7 5.0.45.5921 - Recv Buffer Overflow Exploit
|
|
2017-10-13
|
Sielco Sistemi Winlog 2.07.16 - Buffer Overflow Exploit
|
|
2017-10-13
|
Infinite Automation / Mango Automation - Command Injection Exploit
|
|
2017-10-13
|
Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack-Based Buffer Overflow Exploit
|
|
2017-10-13
|
EMC CMCNE Inmservlets.war FileUploadController 11.2.1 - Remote Code Execution Exploit
|
|
2017-10-13
|
EMC CMCNE 11.2.1 - FileUploadController Remote Code Execution Exploit
|
|
2017-10-13
|
Dameware Mini Remote Control 4.0 - Username Stack Buffer Overflow Exploit
|
|
2017-10-13
|
Cloudview NMS < 2.00b - Arbitrary File Upload Exploit
|
|
2017-10-13
|
Alienvault OSSIM av-centerd Util.pm sync_rserver - Command Execution Exploit
|
|
2017-10-13
|
Alienvault OSSIM av-centerd 4.7.0 - (get_log_line) Command Injection Exploit
|
|
2017-10-13
|
Motorola Netopia Netoctopus SDCS - Stack Buffer Overflow Exploit
|
|
2017-10-13
|
Microsoft Windows .NET Framework - Remote Code Execution 0day Exploit
|
|
2017-10-13
|
Mako Web Server 2.5 - Multiple Vulnerabilities
|
|
2017-10-13
|
Indusoft Web Studio - Directory Traversal Information Disclosure Exploit
|
|
2017-10-13
|
Carel PlantVisor 2.4.4 - Directory Traversal Information Disclosure Exploit
|
|
2017-10-13
|
Carel PlantVisor 2.4.4 - Directory Traversal Vulnerability
|
|
2017-10-13
|
Carlo Gavazzi Powersoft 2.1.1.1 - Directory Traversal File Disclosure Exploit
|
|
2017-10-13
|
ICRestaurant software 1.4 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICDutchAuction 1.2 - SQL Injection Vulnerability
|
|
2017-10-13
|
ICAutosales 2.2 - SQL Injection Vulnerability
|
|
2017-10-13
|
ICTraveling 2.2 - Authentication Bypass Vulnerability
|
|
2017-10-13
|
ICStudents 1.2 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICClassifieds 1.1 - SQL Injection Vulnerability
|
|
2017-10-13
|
ICSurvey 1.1 - SQL Injection Vulnerability
|
|
2017-10-13
|
ICJewelry 1.1 - key Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
IC-T-Shirt 1.2 - key Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICProductConfigurator 1.1 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICGrocery 1.1 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICCallLimousine 1.1 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICDoctor Appointment 1.3 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICProjectBidding 1.1 - SQL Injection Vulnerability
|
|
2017-10-13
|
ICDental Clinic 1.2 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICEstate 1.1 - (id) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICHelpDesk 1.1 - (pk) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICSiteBuilder 1.1 - SQL Injection Vulnerability
|
|
2017-10-13
|
ICAffiliateTracking 1.1 - Authentication Bypass Vulnerability
|
|
2017-10-13
|
ICLowBidAuction 3.3 - SQL Injection Vulnerability
|
|
2017-10-13
|
ICMLM 2.1 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICHotelReservation 3.3 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
ICAuction 2.2 - (id) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
Unique Low Bid Auction Script 3.3 - SQL Injection Vulnerability
|
|
2017-10-13
|
MLM Software Script 2.1 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
Hotel Reservation Site Script 3.3 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
eBay like Auction PHP Script 2.2 - (id) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
Doctor Appointment Script 1.3 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
Restaurant Site Script 1.4 - (key) Parameter SQL Injection Vulnerability
|
|
2017-10-13
|
Dutch Auction Script 1.2 - SQL Injection Vulnerability
|
|
2017-10-13
|
osTicket 1.10 - SQL Injection Vulnerability
|
|
2017-10-13
|
FoodStar 1.0 - SQL Injection Vulnerability
|
|
2017-10-13
|
Gr8 Multiple Search Engine Script 1.0 - SQL Injection Vulnerability
|
|
2017-10-13
|
inClick Cloud Server 5.0 - SQL Injection Vulnerability
|
|
2017-10-13
|
binutils 2.29.51.20170921 - 'read_1_byte' Heap-Based Buffer Overflow
|
|
2017-10-11
|
ASX to MP3 3.1.3.7 - '.m3u' Buffer Overflow
|
|
2017-10-11
|
VX Search Enterprise 10.1.12 - Buffer Overflow
|
|
2017-10-11
|
Trend Micro OfficeScan 11.0/XG (12.0) - Remote Code Execution (Metasploit)
|
|
2017-10-11
|
ASX to MP3 converter < 3.1.3.7 - Stack Overflow (DEP Bypass)
|
|
2017-10-10
|
IBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit)
|
|
2017-10-10
|
Complain Management System - Hard-Coded Credentials / Blind SQL injection
|
|
2017-10-10
|
ClipShare 7.0 - SQL Injection
|
|
2017-10-10
|
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution
|
|
2017-10-09
|
OrientDB 2.2.2 - 2.2.22 - Remote Code Execution (Metasploit)
|
|
2017-10-09
|
Rancher Server - Docker Daemon Code Execution (Metasploit)
|
|
2017-10-09
|
PyroBatchFTP 3.17 - Buffer Overflow (SEH)
|
|
2017-10-08
|
Metasploit < 4.14.1-20170828 - Cross-Site Request Forgery
|
|
2017-10-08
|
Microsoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow
|
|
2017-10-06
|
Unitrends UEB 9.1 - Privilege Escalation
|
|
2017-10-06
|
Unitrends UEB 9.1 - Authentication Bypass / Remote Command Execution
|
|
2017-10-06
|
Unitrends UEB 9.1 - 'Unitrends bpserverd' Remote Command Execution
|
|
2017-10-06
|
NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution
|
|
2017-10-05
|
WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization (2)
|
|
2017-10-04
|
ClipBucket 2.8.3 - Remote Code Execution
|
|
2017-10-04
|
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution
|
|
2017-10-04
|
ERS Data System 1.8.1 - Java Deserialization
|
|
2017-10-04
|
DiskBoss Enterprise 8.4.16 - Local Buffer Overflow
|
|
2017-10-04
|
EPESI 1.8.2 rev20170830 - Cross-Site Scripting
|
|
2017-10-04
|
UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Unauthenticated Root Remote Code Execution
|
|
2017-10-03
|
Apple Mac OS X + Safari - Local Javascript Quarantine Bypass
|
|
2017-10-03
|
Microsoft Word 2007 (x86) - Information Disclosure
|
|
2017-10-03
|
Fiberhome AN5506-04-F - Command Injection
|
|
2017-10-03
|
Dnsmasq < 2.78 - Integer Underflow
|
|
2017-10-02
|
Dnsmasq < 2.78 - Lack of free() Denial of Service
|
|
2017-10-02
|
Dnsmasq < 2.78 - Information Leak
|
|
2017-10-02
|
Dnsmasq < 2.78 - Stack-Based Overflow
|
|
2017-10-02
|
Dnsmasq < 2.78 - Heap-Based Overflow
|
|
2017-10-02
|
Dnsmasq < 2.78 - 2-byte Heap-Based Overflow
|
|
2017-10-02
|
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'documentId' SQL Injection
|
|
2017-10-02
|
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection
|
|
2017-10-02
|
Qmail SMTP - Bash Environment Variable Injection (Metasploit)
|
|
2017-10-02
|
UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape
|
|
2017-10-02
|
UCOPIA Wireless Appliance < 5.1.8 - Privilege Escalation
|
|
2017-10-02
|
phpCollab 2.5.1 - SQL Injection
|
|
2017-10-02
|
phpCollab 2.5.1 - Arbitrary File Upload
|
|
2017-10-02
|
NPM-V (Network Power Manager) 2.4.1 - Password Reset
|
|
2017-10-02
|
Linux Kernel < 4.14.rc3 - Local Denial of Service
|
|
2017-10-02
|
HBGK DVR 3.0.0 build20161206 - Authentication Bypass
|
|
2017-10-01
|
Sync Breeze Enterprise 10.0.28 - Buffer Overflow
|
|
2017-10-01
|
ConverTo Video Downloader & Converter 1.4.1 - Arbitrary File Download
|
|
2017-10-01
|
Real Estate MLM plan script 1.0 - 'srch' Parameter SQL Injection
|
|
2017-10-01
|
PHP Multi Vendor Script 1.02 - 'sid' Parameter SQL Injection
|
|
2017-10-01
|
WordPress Plugin WPHRM - SQL Injection
|
|
2017-10-01
|
SmarterStats 11.3.6347 - Cross-Site Scripting
|
|
2017-10-01
|
Dup Scout Enterprise 10.0.18 - 'Import Command' Buffer Overflow
|
|
2017-10-01
|
TeaMp0isoN Issue 1
|
|
2017-09-30
|
Phrack #60
|
|
2017-09-30
|
Phrack #58
|
|
2017-09-30
|
Phrack #57
|
|
2017-09-30
|
Phrack #56
|
|
2017-09-30
|
Phrack #55
|
|
2017-09-30
|
Phrack #54
|
|
2017-09-30
|
Phrack #53
|
|
2017-09-30
|
Phrack #52
|
|
2017-09-30
|
Phrack #51
|
|
2017-09-30
|
Phrack #50
|
|
2017-09-30
|
Phrack #49
|
|
2017-09-30
|
Phrack #48
|
|
2017-09-30
|
Phrack #42
|
|
2017-09-30
|
Phrack #40
|
|
2017-09-30
|
Phrack #38
|
|
2017-09-30
|
Phrack #35
|
|
2017-09-30
|
[eZine] Owned and Exposed - ISSUE no 1
|
|
2017-09-30
|
Microsoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)
|
|
2017-09-30
|
FileRun <= 2017.09.18 - SQL Injection
|
|
2017-09-29
|
Trend Micro OfficeScan 11.0/XG (12.0) - Memory Corruption
|
|
2017-09-29
|
Easy Blog PHP Script 1.3a - 'id' Parameter SQL Injection
|
|
2017-09-28
|
DiskBoss Enterprise 8.4.16 - 'Import Command' Buffer Overflow
|
|
2017-09-28
|
DiskBoss Enterprise 8.4.16 - Local Buffer Overflow (PoC)
|
|
2017-09-28
|
Trend Micro OfficeScan 11.0/XG (12.0) - 'Host' Header Injection
|
|
2017-09-28
|
Trend Micro OfficeScan 11.0/XG (12.0) - Information Disclosure
|
|
2017-09-28
|
Roteador Wireless Intelbras WRN150 - Authentication Bypass
|
|
2017-09-28
|
Trend Micro OfficeScan 11.0/XG (12.0) - Server Side Request Forgery
|
|
2017-09-28
|
Trend Micro OfficeScan 11.0/XG (12.0) - Code Execution / Memory Corruption
|
|
2017-09-28
|
Trend Micro OfficeScan 11.0/XG (12.0) - Information Disclosure
|
|
2017-09-28
|
HackThisZine (HTZ) #7
|
|
2017-09-28
|
HackThisZine (HTZ) #6 - Lets Smash Windows!
|
|
2017-09-28
|
HackThisZine (HTZ) #4 - Ammo For The Info-Warrior
|
|
2017-09-28
|
HackThisZine (HTZ) #3
|
|
2017-09-28
|
HackThisZine (HTZ) #2
|
|
2017-09-28
|
HackThisZine (HTZ) #1
|
|
2017-09-28
|
LabSec Industries - x0x0x exposed
|
|
2017-09-28
|
x0x0x #2
|
|
2017-09-28
|
x0x0x #1
|
|
2017-09-28
|
TeaMp0isoN Issue 2
|
|
2017-09-28
|
Hack The Planet (HTP) Zine 3
|
|
2017-09-28
|
Hack The Planet (HTP) Zine 2
|
|
2017-09-28
|
FUCK THEM ALL (FTA) - Staminus Communications
|
|
2017-09-28
|
Inj3ct0r Team has hacked ExploitHub.com
|
|
2017-09-28
|
A day in the life of a pentester: How I owned your domain in 4 hours
|
|
2017-09-28
|
Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution
|
|
2017-09-28
|
LAquis SCADA 4.1.0.2385 - Directory Traversal (Metasploit)
|
|
2017-09-28
|
Fibaro Home Center 2 - Remote Command Execution / Privilege Escalation
|
|
2017-09-27
|
Phrack: VM escape - QEMU Case Study
|
|
2017-09-27
|
Phrack: Team Shellphish - Cyber Grand Shellphish
|
|
2017-09-27
|
Phrack: Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622
|
|
2017-09-27
|
Phrack #41
|
|
2017-09-27
|
Phrack #39
|
|
2017-09-27
|
Phrack #37
|
|
2017-09-27
|
Phrack #36
|
|
2017-09-27
|
Phrack #34
|
|
2017-09-27
|
Phrack #33
|
|
2017-09-27
|
Phrack #32
|
|
2017-09-27
|
Phrack #31
|
|
2017-09-27
|
Phrack #30
|
|
2017-09-27
|
Phrack #29
|
|
2017-09-27
|
Phrack #28
|
|
2017-09-27
|
Phrack #27
|
|
2017-09-27
|
Phrack #26
|
|
2017-09-27
|
Phrack #25
|
|
2017-09-27
|
Phrack #24
|
|
2017-09-27
|
Phrack #23
|
|
2017-09-27
|
Phrack #22
|
|
2017-09-27
|
Phrack #21
|
|
2017-09-27
|
Phrack #20
|
|
2017-09-27
|
Phrack #19
|
|
2017-09-27
|
Phrack #18
|
|
2017-09-27
|
Phrack #17
|
|
2017-09-27
|
Phrack #16
|
|
2017-09-27
|
Phrack #15
|
|
2017-09-27
|
Phrack #14
|
|
2017-09-27
|
Phrack #13
|
|
2017-09-27
|
Phrack #12
|
|
2017-09-27
|
Phrack #11
|
|
2017-09-27
|
Phrack #10
|
|
2017-09-27
|
Phrack #09
|
|
2017-09-27
|
Phrack #08
|
|
2017-09-27
|
Phrack #07
|
|
2017-09-27
|
Phrack #06
|
|
2017-09-27
|
Phrack #05
|
|
2017-09-27
|
Phrack #04
|
|
2017-09-27
|
Phrack #03
|
|
2017-09-27
|
Phrack #02
|
|
2017-09-27
|
Phrack - 01
|
|
2017-09-27
|
Tiny HTTPd 0.1.0 - Directory Traversal
|
|
2017-09-27
|
WordPress Plugin WPAMS - SQL Injection
|
|
2017-09-27
|
WordPress Plugin School Management System - SQL Injection
|
|
2017-09-27
|
WordPress Plugin Hospital Management System - SQL Injection
|
|
2017-09-27
|
WordPress Plugin WPGYM - SQL Injection
|
|
2017-09-27
|
WordPress Plugin WPCHURCH - SQL Injection
|
|
2017-09-27
|
AMC Master - Arbitrary File Upload
|
|
2017-09-27
|
SMSmaster - SQL Injection
|
|
2017-09-27
|
Photo Fusion - Arbitrary File Upload
|
|
2017-09-27
|
TicketPlus - Arbitrary File Upload
|
|
2017-09-27
|
Job Links - Arbitrary File Upload
|
|
2017-09-27
|
WordPress Plugin Content Timeline - SQL Injection
|
|
2017-09-27
|
NodeJS Debugger - Command Injection (Metasploit)
|
|
2017-09-26
|
Sitefinity CMS 9.2 - Cross-Site Scripting
|
|
2017-09-26
|
Linux/x86_64 - mkdir() 'evil' Shellcode (30 bytes)
|
|
2017-09-26
|
FLIR Thermal Camera F/FC/PT/D - Stream Disclosure
|
|
2017-09-26
|
FLIR Thermal Camera FC-S/PT - Command Injection
|
|
2017-09-26
|
FLIR Thermal Camera F/FC/PT/D - SSH Backdoor
|
|
2017-09-26
|
FLIR Thermal Camera F/FC/PT/D - Information Disclosure
|
|
2017-09-26
|
FLIR Systems FLIR Thermal Camera PT-Series (PT-334 200562) - Root Remote Code Execution
|
|
2017-09-26
|
Oracle 9i XDB 9.2.0.1 - HTTP PASS Buffer Overflow
|
|
2017-09-26
|
Supervisor 3.0a1 - 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit)
|
|
2017-09-25
|
JitBit HelpDesk <= 9.0.2 - Authentication Bypass
|
|
2017-09-25
|
Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH)
|
|
2017-09-25
|
CyberLink LabelPrint <=2.5 - Buffer Overflow (SEH Unicode)
|
|
2017-09-25
|
PHP Auction Ecommerce Script 1.6 - SQL Injection
|
|
2017-09-24
|
Secure E-commerce Script 1.02 - 'sid' Parameter SQL Injection
|
|
2017-09-24
|
Claydip Airbnb Clone 1.0 - Arbitrary File Upload
|
|
2017-09-24
|
Cash Back Comparison Script 1.0 - SQL Injection
|
|
2017-09-24
|
Multi Level Marketing - SQL Injection
|
|
2017-09-24
|
Lending And Borrowing - 'pid' Parameter SQL Injection
|
|
2017-09-24
|
DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit)
|
|
2017-09-23
|
Stock Photo Selling 1.0 - SQL Injection
|
|
2017-09-22
|
Disk Pulse Enterprise 9.9.16 - GET Buffer Overflow (Metasploit)
|
|
2017-09-21
|
Microsoft Edge Chakra - 'JavascriptFunction::ReparseAsmJsModule' Incorrectly Re-parses
|
|
2017-09-21
|
Microsoft Edge Chakra - 'Parser::ParseCatch' does not Handle 'eval'
|
|
2017-09-21
|
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes
|
|
2017-09-21
|
Microsoft Edge - Chakra Incorrectly Parses Object Patterns
|
|
2017-09-21
|
Linux Kernel <= 4.13.1 - BlueTooth Buffer Overflow (PoC)
|
|
2017-09-21
|
PHPMyFAQ 2.9.8 - Cross-Site Scripting
|
|
2017-09-21
|
Microsoft Edge 38.14393.1066.0 - 'COptionsCollectionCacheItem::GetAt' Out-of-Bounds Read
|
|
2017-09-19
|
Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading
|
|
2017-09-19
|
Burp Suite v1.7.27 - Remote Code Execution Vulnerability
|
|
2017-09-19
|
HPE < 7.2 - Java Deserialization
|
|
2017-09-19
|
Tecnovision DLX Spot - Arbitrary File Upload
|
|
2017-09-19
|
Tecnovision DLX Spot - Authentication Bypass
|
|
2017-09-19
|
Tecnovision DLX Spot - SSH Backdoor
|
|
2017-09-19
|
iTech Gigs Script 1.20 - 'cat' Parameter SQL Injection
|
|
2017-09-19
|
Foodspotting Clone 1.0 - SQL Injection
|
|
2017-09-19
|
Microsoft Windows Kernel - 'win32k!NtQueryCompositionSurfaceBinding' Stack Memory Disclosure
|
|
2017-09-18
|
Microsoft Windows Kernel - 'win32k!NtGdiDoBanding' Stack Memory Disclosure
|
|
2017-09-18
|
Microsoft Windows Kernel - 'win32k!NtGdiEngCreatePalette' Stack Memory Disclosure
|
|
2017-09-18
|
Microsoft Windows Kernel - 'win32k!NtGdiGetFontResourceInfoInternalW' Stack Memory Disclosure
|
|
2017-09-18
|
Microsoft Windows Kernel win32k.sys TTF Font Processing - Out-of-Bounds Read with Malformed "glyf" Table (win32k!fsc_CalcGrayRow)
|
|
2017-09-18
|