|
Pi-hole < 4.4 - Remote Code Execution / Privileges Escalation
|
|
2020-05-11
|
|
Pi-hole < 4.4 - Remote Code Execution
|
|
2020-05-11
|
|
Extreme Networks Aerohive HiveOS 11.0 - Remote Denial of Service (PoC)
|
|
2020-05-08
|
|
Online AgroCulture Farm Management System 1.0 - 'pid' SQL Injection
|
|
2020-05-07
|
|
Pisay Online E-Learning System 1.0 - Remote Code Execution
|
|
2020-05-07
|
|
Online Clothing Store 1.0 - Arbitrary File Upload
|
|
2020-05-07
|
|
School File Management System 1.0 - 'username' SQL Injection
|
|
2020-05-07
|
|
Draytek VigorAP 1000C - Persistent Cross-Site Scripting
|
|
2020-05-07
|
|
Car Park Management System 1.0 - Authentication Bypass
|
|
2020-05-07
|
|
FlashGet 1.9.6 - Denial of Service (PoC)
|
|
2020-05-07
|
|
MPC Sharj 3.11.1 - Arbitrary File Download
|
|
2020-05-06
|
|
YesWiki cercopitheque 2020.04.18.1 - 'id' SQL Injection
|
|
2020-05-06
|
|
GitLab 12.9.0 - Arbitrary File Read
|
|
2020-05-06
|
|
webTareas 2.0.p8 - Arbitrary File Deletion
|
|
2020-05-06
|
|
Online Clothing Store 1.0 - 'username' SQL Injection
|
|
2020-05-06
|
|
Booked Scheduler 2.7.7 - Authenticated Directory Traversal
|
|
2020-05-06
|
|
i-doit Open Source CMDB 1.14.1 - Arbitrary File Deletion
|
|
2020-05-06
|
|
Online Clothing Store 1.0 - Persistent Cross-Site Scripting
|
|
2020-05-06
|
|
NEC Electra Elite IPK II WebPro 01.03.01 - Session Enumeration
|
|
2020-05-05
|
|
SimplePHPGal 0.7 - Remote File Inclusion
|
|
2020-05-05
|
|
PhreeBooks ERP 5.2.5 - Remote Command Execution
|
|
2020-05-05
|
|
BlogEngine 3.3 - 'syndication.axd' XML External Entity Injection
|
|
2020-05-05
|
|
Saltstack 3000.2 - Remote Code Execution
|
|
2020-05-05
|
|
webERP 4.15.1 - Unauthenticated Backup File Access
|
|
2020-05-05
|
|
Online Scheduling System 1.0 - 'username' SQL Injection
|
|
2020-05-05
|
|
Oracle Database 11g Release 2 - 'OracleDBConsoleorcl' Unquoted Service Path
|
|
2020-05-05
|
|
Fishing Reservation System 7.5 - 'uid' SQL Injection
|
|
2020-05-05
|
|
addressbook 9.0.0.1 - 'id' SQL Injection
|
|
2020-05-04
|
|
Frigate 3.36 - Buffer Overflow (SEH)
|
|
2020-05-04
|
|
Outline Service 1.3.3 - 'Outline Service ' Unquoted Service Path
|
|
2020-05-04
|
|
osTicket 1.14.1 - Persistent Authenticated Cross-Site Scripting
|
|
2020-05-04
|
|
BoltWire 6.03 - Local File Inclusion
|
|
2020-05-04
|
|
Apache Shiro 1.2.4 - Cookie RememberME Deserial RCE (Metasploit)
|
|
2020-05-01
|
|
Online Scheduling System 1.0 - Authentication Bypass
|
|
2020-05-01
|
|
Apache OFBiz 17.12.03 - Cross-Site Request Forgery (Account Takeover)
|
|
2020-05-01
|
|
HardDrive 2.1 for iOS - Arbitrary File Upload
|
|
2020-05-01
|
|
Super Backup 2.0.5 for iOS - Directory Traversal
|
|
2020-05-01
|
|
php-fusion 9.03.50 - Persistent Cross-Site Scripting
|
|
2020-05-01
|
|
Online Scheduling System 1.0 - Persistent Cross-Site Scripting
|
|
2020-05-01
|
|
VirtualTablet Server 3.0.2 - Denial of Service (PoC)
|
|
2020-05-01
|
|
ChemInv 1.0 - Authenticated Persistent Cross-Site Scripting
|
|
2020-05-01
|
|
Druva inSync Windows Client 6.5.2 - Local Privilege Escalation
|
|
2020-04-29
|
|
hits script 1.0 - 'item_name' SQL Injection
|
|
2020-04-29
|
|
EmEditor 19.8 - Insecure File Permissions
|
|
2020-04-29
|
|
Internet Download Manager 6.37.11.1 - Stack Buffer Overflow (PoC)
|
|
2020-04-29
|
|
Andrea ST Filters Service 1.0.64.7 - 'Andrea ST Filters Service ' Unquoted Service Path
|
|
2020-04-29
|
|
Easy Transfer 1.7 for iOS - Directory Traversal
|
|
2020-04-29
|
|
School ERP Pro 1.0 - Arbitrary File Read
|
|
2020-04-29
|
|
Open-AudIT Professional 3.3.1 - Remote Code Execution
|
|
2020-04-29
|
|
School ERP Pro 1.0 - Remote Code Execution
|
|
2020-04-29
|