Exploits (Total: 97839)

    
    
    
Smartshop 1 - 'id' SQL Injection
2018-06-03
Wireshark - vwr_read_s2_s3_W_rec Heap Based Buffer Overflow
2018-06-03
WPS Office < 2016 - '.ppt' drawingContainer Memory Corruption
2018-06-03
Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read
2018-06-03
Linux/x86-64 - Subtle Probing Reverse Shell, Timer, Burst, Password, Multi-Terminal Shellcode (84, 1
2018-06-03
Microsoft Windows 7 (x32/x64) - Group Policy Privilege Escalation (MS16-072)
2018-06-03
Mediacoder 0.8.43.5852 - '.m3u' SEH Exploit
2018-06-03
GE Proficy HMI/SCADA CIMPLICITY 8.2 - Privilege Escalation
2018-06-03
VUPlayer 2.49 - '.m3u' Buffer Overflow (Win 7 DEP Bypass)
2018-06-03
PInfo 0.6.9-5.1 - Local Buffer Overflow
2018-06-03
ACROS Security 0patch 2016.05.19.539 - (0PatchServicex64.exe) Unquoted Service Path Privilege Escala
2018-06-03
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass)
2018-06-03
Operation Technology ETAP 14.1.0 - Privilege Escalation
2018-06-03
Apple Mac OSX / iOS - SUID Binary Logic Error Kernel Code Execution
2018-06-03
Microsoft Windows 8.1 / 10 (x86) - Secondary Logon Standard Handles Missing Sanitization Privilege E
2018-06-03
Cisco ASA 8.x - 'EXTRABACON' Authentication Bypass
2018-06-03
HP Data Protector A.09.00 - Arbitrary Command Execution
2018-06-03
Apache Struts - Dynamic Method Invocation Remote Code Execution (Metasploit)
2018-06-03
Microsoft Windows - 'srv2.sys' SMB Code Execution (Python) (MS09-050) Exploit
2018-06-03
Microsoft Windows - NetAPI32.dll Code Execution (Python) (MS08-067) Exploit
2018-06-03
Symantec Web Gateway 5.2.2 OS Command Injection Vulnerability
2018-06-03
B2B Portal Script - Blind SQL Injection Vulnerability
2018-06-03
Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Vulnerability
2018-06-03
Sync Breeze Enterprise 8.9.24 - Buffer Overflow Exploit
2018-06-03
ZKTeco ZKBioSecurity 3.0 - Directory Traversal
2018-06-03
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
2018-06-03
ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting
2018-06-03
Fortigate Firewalls - 'EGREGIOUSBLUNDER' Remote Code Execution
2018-06-03
WSO2 Carbon 4.4.5 - Local File Inclusion
2018-06-03
BalkanSys CMS show_pageID SQL injection Vulnerability
2018-06-03
Windows Capcom.sys Kernel Execution Exploit (x64 only)
2018-06-03
Joomla Huge-IT Portfolio Gallery 1.0.6 SQL Injection Vulnerability
2018-06-03
PHPCollab CMS 2.5 - (emailusers.php) SQL Injection
2018-06-03
NUUO NVRmini 2 3.0.8 - Local File Disclosure
2018-06-03
YetiForce CRM < 3.1 - Persistent Cross-Site Scripting
2018-06-03
SlimCMS 0.1 - Cross-Site Request Forgery (Change Admin Password)
2018-06-03
Ultrabenosaurus ChatBoard - Cross-Site Request Forgery (Send Message)
2018-06-03
w2wiki - Multiple Cross-Site Scripting Vulnerabilities
2018-06-03
imagemagick mogrify global buffer overflow Vulnerability
2018-06-03
WordPress WP Mobile Detector 3.5 Plugin - Arbitrary File Upload
2018-06-03
Wordpress Job Script by Scubez Plugin - Remote Code Execution
2018-06-03
Totemomail 4.x / 5.x - Persistent Cross-Site Scripting
2018-06-03
WordPress Kento Post View Counter 2.8 Plugin - Cross-Site Request Forgery / Cross-Site Scripting
2018-06-03
Webutler CMS 3.2 - Cross-Site Request Forgery
2018-06-03
Xoops 2.5.7.2 - Directory Traversal Bypass
2018-06-03
WordPress Site Import 1.0.1 Plugin - Local File Inclusion / Remote File Inclusion
2018-06-03
WordPress Best Web Soft Captcha 4.1.5 Plugin - Multiple Vulnerabilities
2018-06-03
WordPress More Fields 2.1 Plugin - Cross-Site Request Forgery
2018-06-03
Chamilo LMS IDOR - (messageId) Delete POST Injection
2018-06-03
NetMan 204 - Backdoor Account Vulnerability
2018-06-03
WordPress User Frontend Plugin < 2.3.11 - Unrestricted Arbitrary File Upload
2018-06-03
WordPress User Meta Manager 3.4.6 Plugin - Privilege Escalation
2018-06-03
ATutor 2.2 - Multiple Cross-Site Scripting Vulnerabilities
2018-06-03
Symphony CMS 2.6.3 - Multiple SQL Injections
2018-06-03
ProjectSend r582 - Multiple Vulnerabilities
2018-06-03
pfSense Firewall 2.2.5 - Config File Cross-Site Request Forgery
2018-06-03
GlassFish Server - Arbitrary File Read
2018-06-03
Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privile
2018-06-03
WordPress Symposium Pro Social Network Plugin 15.12 - Multiple Vulnerabilities
2018-06-03
PhpSocial 2.0.0304_20222226 - Cross-Site Request Forgery
2018-06-03
Windows/x86 - Password Protected TCP Bind Shell (637 bytes)
2018-06-03
Windows/x86 - Persistent Reverse Shell TCP (494 Bytes)
2018-06-03
Adobe Flash - Crash When Freeing Memory After AVC decoding Exploit
2018-06-03
Adobe Flash - Video Decompression Memory Corruption Exploit
2018-06-03
SELinux W+X Protection Bypass via AIO
2018-06-03
Matrimonial Website Script 1.0.2 - SQL Injection Vulnerability
2018-06-03
Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabiliti
2018-06-03
Mundi Mail 0.8.2 (top) Remote File Inclusion Vulnerability
2018-06-02
Git < 2.17.1 - Remote Code Execution
2018-06-02
Epiphany 3.28.2.1 - Denial of Service
2018-06-02
Sony Playstation 3 (PS3) 4.82 - 'Jailbreak' (ROP)
2018-06-02
Sony Playstation 4 (PS4) 5.1 - Kernel (PoC)
2018-06-02
Sony Playstation 4 (PS4) 5.07 - 'Jailbreak' WebKit / 'bpf v2' Kernel Loader
2018-06-02
Microsoft Edge Chakra - EntrySimpleObjectSlotGetter Type Confusion
2018-05-31
Grid Pro Big Data 1.0 - SQL Injection
2018-05-31
CSV Import & Export 1.1.0 - SQL Injection / Cross-Site Scripting
2018-05-31
PHP Dashboards NEW 5.5 - 'email' SQL Injection
2018-05-31
New STAR 2.1 - SQL Injection / Cross-Site Scripting
2018-05-31
Linux/ARM - Egghunter + /bin/sh Shellcode (32 bytes)
2018-05-31
TAC Xenta 511/911 - Directory Traversal
2018-05-31
Linux/x86 - Bind (4444/TCP) Shell Shellcode (105 bytes)
2018-05-31
Linux/x86 - EggHunter + access() Shellcode (38 bytes)
2018-05-31
Procps-ng - Multiple Vulnerabilities
2018-05-30
Dolibarr 7.0.0 - SQL Injection
2018-05-30
MachForm < 4.2.3 - SQL Injection / Path Traversal / Upload Bypass
2018-05-30
Yosoro 1.0.4 - Remote Code Execution
2018-05-30
Siemens SIMATIC S7-300 CPU - Remote Denial of Service
2018-05-30
SearchBlox 8.6.6 - Cross-Site Request Forgery
2018-05-30
easyLetters 1.0 - (id) SQL Injection Vulnerability
2018-05-30
Listing Hub CMS 1.0 - SQL Injection Vulnerability
2018-05-30
Ajax Full Featured Calendar 2.0 - (search) SQL Injection Vulnerability
2018-05-29
Employee Work Schedule 5.9 - (cal_id) SQL Injection Vulnerability
2018-05-29
mySurvey 1.0 - (id) SQL Injection Vulnerability
2018-05-29
BookingWizz Booking System 5.5 - (id) SQL Injection Vulnerability
2018-05-29
My Directory 2.0 - SQL Injection / Cross-Site Scripting Vulnerabilities
2018-05-29
Baby Names Search Engine 1.0 - (a) SQL Injection Vulnerability
2018-05-29
Ingenious School Management System - id SQL Injection Vulnerability
2018-05-29
Lyrist - id SQL Injection Vulnerability
2018-05-29
IssueTrak 7.0 - SQL Injection Vulnerability
2018-05-29
EasyService Billing 1.0 - (q) SQL Injection Vulnerability
2018-05-29
EasyService Billing 1.0 - Cross-Site Scripting Vulnerability
2018-05-29
EasyService Billing 1.0 - Cross-Site Request Forgery Vulnerability
2018-05-29
ClipperCMS 1.3.3 - Cross-Site Scripting Vulnerability
2018-05-29
Sharetronix CMS 3.6.2 - Cross-Site Request Forgery / Cross-Site Scripting Vulnerabilities
2018-05-29
wityCMS 0.6.1 - Cross-Site Scripting Vulnerability
2018-05-29
DomainMod 4.09.03 - oid Cross-Site Scripting Vulnerability
2018-05-29
DomainMod 4.09.03 - sslpaid Cross-Site Scripting Vulnerability
2018-05-29
Symfony 2.7.0 < 4.0.10 - Denial of Service Exploit
2018-05-29
Werewolf Online 0.8.8 - Information Disclosure Vulnerability
2018-05-29
Pivotal Spring Java Framework < 5.0 - Remote Code Execution Exploit
2018-05-29
GNU Barcode 0.99 - Memory Leak Exploit
2018-05-29
GNU Barcode 0.99 - Buffer Overflow Exploit
2018-05-29
MyBB ChangUonDyU Plugin 1.0.2 - Cross-Site Scripting Vulnerability
2018-05-29
Facebook Clone Script 1.0.5 - search SQL Injection Vulnerability
2018-05-29
Facebook Clone Script 1.0.5 - Cross-Site Request Forgery Vulnerability
2018-05-29
NUUO NVRmini2 / NVRsolo - Arbitrary File Upload Vulnerability
2018-05-29
Sitemakin SLAC 1.0 - my_item_search SQL Injection Vulnerability
2018-05-29
Facebook Clone Script 1.0.5 - Cross-Site Request Forgery
2018-05-29
Facebook Clone Script 1.0.5 - 'search' SQL Injection
2018-05-29
GNU Barcode 0.99 - Memory Leak
2018-05-29
GNU Barcode 0.99 - Buffer Overflow
2018-05-29
Pivotal Spring Java Framework < 5.0 - Remote Code Execution
2018-05-29
MyBB ChangUonDyU Plugin 1.0.2 - Cross-Site Scripting
2018-05-29
NUUO NVRmini2 / NVRsolo - Arbitrary File Upload
2018-05-29
Sitemakin SLAC 1.0 - 'my_item_search' SQL Injection
2018-05-29
IssueTrak 7.0 - SQL Injection
2018-05-29
Bitmain #Antminer D3/L3+/S9 - Remote Command Execution Vulnerability
2018-05-28
ALFTP 5.31 - Local Buffer Overflow (SEH Bypass) Exploit
2018-05-28
Linux/x86 - Bind (5555/TCP) Shell Shellcode (98 bytes)
2018-05-28
TP-Link TL-WR840N / TL-WR841N - Authenticaton Bypass Vulnerability
2018-05-28
Wordpress Events Calendar Plugin - SQL Injection Vulnerability
2018-05-28
Wordpress Booking Calendar 3.0.0 Plugin - SQL Injection / Cross-Site Scripting Vulnerabilities
2018-05-28
Joomla Full Social 1.1.0 Component - search_query SQL Injection Vulnerability
2018-05-28
Joomla jCart for OpenCart 2.3.0.2 Component - Cross-Site Request Forgery Vulnerability
2018-05-28
Joomla JoomOCShop 1.0 Component - Cross-Site Request Forgery Vulnerability
2018-05-28
CloudMe Sync 1.11.0 - Buffer Overflow (SEH) (DEP Bypass) Exploit
2018-05-28
Linux/x86 - Bind (5555/TCP) Shell Shellcode (98 bytes)
2018-05-28
wityCMS 0.6.1 - Cross-Site Scripting
2018-05-28
Joomla! Component JoomOCShop 1.0 - Cross-Site Request Forgery
2018-05-28
Joomla! Component jCart for OpenCart 2.3.0.2 - Cross-Site Request Forgery
2018-05-28
ALFTP 5.31 - Local Buffer Overflow (SEH Bypass)
2018-05-28
Joomla! Component Full Social 1.1.0 - 'search_query' SQL Injection
2018-05-28
Wordpress Plugin Events Calendar - SQL Injection
2018-05-28
CloudMe Sync < 1.11.0 - Buffer Overflow (SEH) (DEP Bypass)
2018-05-28
DomainMod 4.09.03 - 'sslpaid' Cross-Site Scripting
2018-05-28
DomainMod 4.09.03 - 'oid' Cross-Site Scripting
2018-05-28
TP-Link TL-WR840N/TL-WR841N - Authenticaton Bypass
2018-05-28
Bitmain Antminer D3/L3+/S9 - Remote Command Execution
2018-05-27
Baby Names Search Engine 1.0 - 'a' SQL Injection
2018-05-27
My Directory 2.0 - SQL Injection / Cross-Site Scripting
2018-05-27
Werewolf Online 0.8.8 - Information Disclosure
2018-05-27
ClipperCMS 1.3.3 - Cross-Site Scripting
2018-05-27
Listing Hub CMS 1.0 - SQL Injection
2018-05-27
BookingWizz Booking System 5.5 - 'id' SQL Injection
2018-05-27
Lyrist - 'id' SQL Injection
2018-05-27
Sharetronix CMS 3.6.2 - Cross-Site Request Forgery / Cross-Site Scripting
2018-05-27
Ingenious School Management System - 'id' SQL Injection
2018-05-27
Wordpress Plugin Events Calendar - SQL Injection / Cross-Site Scripting
2018-05-27
Symfony 2.7.0 < 4.0.10 - Denial of Service
2018-05-26
easyLetters 1.0 - 'id' SQL Injection
2018-05-26
mySurvey 1.0 - 'id' SQL Injection
2018-05-26
EasyService Billing 1.0 - 'q' SQL Injection
2018-05-26
EasyService Billing 1.0 - Cross-Site Scripting
2018-05-26
EasyService Billing 1.0 - Cross-Site Request Forgery
2018-05-26
Ajax Full Featured Calendar 2.0 - 'search' SQL Injection
2018-05-26
Employee Work Schedule 5.9 - 'cal_id' SQL Injection
2018-05-26
D-Link DSL-2750B - OS Command Injection (Metasploit)
2018-05-25
Skia and Firefox - Integer Overflow in SkTDArray Leading to Out-of-Bounds Write
2018-05-25
Microsoft Edge Chakra - Cross Context Use-After-Free
2018-05-25
MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Vulnerability
2018-05-25
Oracle WebCenter FatWire Content Server < 7 - Improper Access Control
2018-05-25
SAP Internet Transaction Server 6200.x - Session Fixation / Cross-Site Scripting
2018-05-25
MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting
2018-05-25
Oracle WebCenter Sites 11.1.1.8.0/12.2.1.x - Cross-Site Scripting Vulnerability
2018-05-25
DLink #DSL2750B OS Command Injection Exploit
2018-05-25
PHP Login And User Management 4.1.0 Shell Upload Vulnerability
2018-05-25
KomSeo Cart 1.3 - my_item_search SQL Injection Vulnerability
2018-05-25
KomSeo Cart 1.3 - 'my_item_search' SQL Injection
2018-05-25
Oracle WebCenter Sites 11.1.1.8.0/12.2.1.x - Cross-Site Scripting
2018-05-25
SAT CFDI 3.3 - SQL Injection Vulnerability
2018-05-24
School Management System CMS 1.0 - username SQL Injection Vulnerability
2018-05-24
Library CMS 1.0 - SQL Injection Vulnerability
2018-05-24
Wecodex Hotel CMS 1.0 - Admin Login SQL Injection Vulnerability
2018-05-24
Wecodex Restaurant CMS 1.0 - Login SQL Injection Vulnerability
2018-05-24
ASP.NET jVideo Kit - query SQL Injection Vulnerability
2018-05-24
PaulNews 1.0 - keyword SQL Injection / Cross-Site Scripting Vulnerabilities
2018-05-24
Honeywell Scada System - Information Disclosure Vulnerability
2018-05-24
Honeywell XL Web Controller - Cross-Site Scripting Vulnerability
2018-05-24
eWallet Online Payment Gateway 2 - Cross-Site Request Forgery Vulnerability
2018-05-24
Mcard Mobile Card Selling Platform 1 - SQL Injection Vulnerability
2018-05-24
Timber 1.1 - Cross-Site Request Forgery Vulnerability
2018-05-24
SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized Admin Credential Change Vulnerability
2018-05-24
WordPress Peugeot Music Plugin - Arbitrary File Upload Vulnerability
2018-05-24
OpenDaylight - SQL Injection Vulnerability
2018-05-24
EU MRV Regulatory Complete Solution 1 - Authentication Bypass Vulnerability
2018-05-24
Linux/x86 - Reverse (10.10.2.4:4444/TCP) Shell #Shellcode (68 bytes)
2018-05-24
Linux/x86 - Reverse (10.0.7.17:4444/TCP) Shell (/bin/sh) #Shellcode (101 Bytes)
2018-05-24
glibc 2.27 GNU - Local Buffer Overflow Exploit
2018-05-24
MySQL Blob Uploader 1.7 Cross Site Scripting / SQL Injection Vulnerabilities
2018-05-24
MySQL Smart Reports 1.0 Cross Site Scripting / SQL Injection Vulnerabilities
2018-05-24
Microsoft Internet Explorer 11 (Windows 7 x64/x86) - vbscript Code Execution Exploit
2018-05-24
Microsoft Internet Explorer 11 - javascript Code Execution Exploit
2018-05-24
Flash ActiveX 28.0.0.137 - Code Execution Exploit (2)
2018-05-24
Flash ActiveX 28.0.0.137 - Code Execution Exploit (1)
2018-05-24
Flash ActiveX 18.0.0.194 - Code Execution Exploit
2018-05-24
Linux 4.4.0 < 4.4.0-53 - AF_PACKET chocobo_root Privilege Escalation Exploit
2018-05-24
AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass Exploit
2018-05-24
Microsoft Windows - POP/MOV SS Privilege Escalation Exploit
2018-05-24
Microsoft Edge Chakra JIT - Magic Value Type Confusion Exploit
2018-05-24
Siemens SIMATIC S7-1500 CPU - Remote Denial of Service Exploit
2018-05-24
Easy File Uploader 1.7 - SQL Injection / Cross-Site Scripting Vulnerabilities
2018-05-24
NewsBee CMS 1.4 - home-text-edit.php SQL Injection Vulnerability
2018-05-24
NewsBee CMS 1.4 - download.php SQL Injection Vulnerability
2018-05-24
Feedy RSS News Ticker 2.0 - cat SQL Injection Vulnerability
2018-05-24
ILIAS 5.3.2 / 5.2.14 / 5.1.25 Cross Site Scripting Vulnerability
2018-05-24
Auto Car 1.2 - car_title SQL Injection / Cross-Site Scripting Vulnerabilities
2018-05-24
iSocial 1.2.0 - Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
2018-05-24
ERPnext 11 - Cross-Site Scripting Vulnerability
2018-05-24
MakeMyTrip 7.2.4 - Information Disclosure Vulnerability
2018-05-24
PaulPrinting CMS Printing 1.0 - SQL Injection Vulnerability
2018-05-24
Teradek Cube 7.3.6 - Cross-Site Request Forgery Vulnerability
2018-05-24
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery Vulnerability
2018-05-24
Teradek VidiU Pro 3.0.3 - Server-Side Request Forgery Vulnerability
2018-05-24
Dell EMC RecoverPoint boxmgmt CLI < 5.1.2 - Arbitrary File Read Vulnerability
2018-05-24
Nordex N149/4.0-4.5 - SQL Injection Vulnerability
2018-05-24
Zechat 1.5 - SQL Injection / Cross-Site Request Forgery Vulnerabilities
2018-05-24
WebSocket Live Chat - Cross-Site Scripting Vulnerability
2018-05-24
Schneider Electric PLCs - Cross-Site Request Forgery Vulnerability
2018-05-24
Merge PACS 7.0 - Cross-Site Request Forgery Vulnerability
2018-05-24
Auto Dealership & Vehicle Showroom WebSys 1.0 - XSS / CSRF / Authentication Bypass Vulnerabiliti
2018-05-24
Model Agency Media House & Model Gallery 1.0 - XSS / CSRF / Authentication Bypass Vulnerabilitie
2018-05-24
Wchat PHP AJAX Chat Script 1.5 - Persistent Cross-Site Scripting Vulnerability
2018-05-24
Linux 2.6.30 < 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege Escalation Exploit
2018-05-24
R 3.4.4 fow Windows - Local Buffer Overflow (DEP Bypass) Exploit
2018-05-24
Karenderia Multiple Restaurant System < 4.5 - Blind SQL Injection Vulnerability
2018-05-24
EU MRV Regulatory Complete Solution 1 - Authentication Bypass
2018-05-24
GNU glibc < 2.27 - Local Buffer Overflow
2018-05-24
Honeywell XL Web Controller - Cross-Site Scripting
2018-05-24
Timber 1.1 - Cross-Site Request Forgery
2018-05-24
OpenDaylight - SQL Injection
2018-05-24
PaulNews 1.0 - 'keyword' SQL Injection / Cross-Site Scripting
2018-05-24
Flash ActiveX 28.0.0.137 - Code Execution (2)
2018-05-24
Flash ActiveX 28.0.0.137 - Code Execution (1)
2018-05-24
Microsoft Internet Explorer 11 - javascript Code Execution
2018-05-24
Flash ActiveX 18.0.0.194 - Code Execution
2018-05-24
Microsoft Internet Explorer 11 (Windows 7 x64/x86) - vbscript Code Execution
2018-05-24
Linux/x86 - Reverse (10.0.7.17:4444/TCP) Shell (/bin/sh) Shellcode (101 Bytes)
2018-05-24
ASP.NET jVideo Kit - 'query' SQL Injection
2018-05-24
Linux/x86 - Reverse (10.10.2.4:4444/TCP) Shell Shellcode (68 bytes)
2018-05-24
Wordpress Plugin Peugeot Music - Arbitrary File Upload
2018-05-23
SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized Admin Credential Change
2018-05-23
NewsBee CMS 1.4 - Cross-Site Request Forgery
2018-05-23
Honeywell Scada System - Information Disclosure
2018-05-23
Mcard Mobile Card Selling Platform 1 - SQL Injection
2018-05-23
eWallet Online Payment Gateway 2 - Cross-Site Request Forgery
2018-05-23
Wecodex Restaurant CMS 1.0 - 'Login' SQL Injection
2018-05-23
Wecodex Hotel CMS 1.0 - 'Admin Login' SQL Injection
2018-05-23
Library CMS 1.0 - SQL Injection
2018-05-23
School Management System CMS 1.0 - 'username' SQL Injection
2018-05-23
SAT CFDI 3.3 - SQL Injection
2018-05-23
Wecodex Store Paypal 1.0 - SQL Injection
2018-05-23
Samsung Galaxy S7 Edge - Overflow in OMACP WbXml String Extension Processing
2018-05-23
Linux/x86 - Bind TCP (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (113 bytes)
2018-05-23
Shipping System CMS 1.0 - SQL Injection
2018-05-23
Siemens SCALANCE S613 - Remote Denial of Service
2018-05-23
GPSTracker 1.0 - 'id' SQL Injection
2018-05-23
Online Store System CMS 1.0 - SQL Injection
2018-05-23
Gigs 2.0 - 'username' SQL Injection
2018-05-23
FTPShell Server 6.80 - Denial of Service
2018-05-23
Mobile Card Selling Platform 1 - Cross-Site Request Forgery
2018-05-23
PHP Dashboards 4.5 - SQL Injection
2018-05-23
PHP Dashboards 4.5 - 'email' SQL Injection
2018-05-23
FTPShell Server 6.80 - Buffer Overflow (SEH)
2018-05-23
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection
2018-05-23
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection / Cross-Site Scripting
2018-05-23
MySQL Blob Uploader 1.7 - 'home-file-edit.php' SQL Injection / Cross-Site Scripting
2018-05-23
MySQL Blob Uploader 1.7 - 'download.php' SQL Injection / Cross-Site Scripting
2018-05-23
MySQL Smart Reports 1.0 - 'id' SQL Injection / Cross-Site Scripting
2018-05-23
EasyService Billing 1.0 - 'p1' SQL Injection
2018-05-23
EasyService Billing 1.0 - SQL Injection / Cross-Site Scripting
2018-05-23
Easy File Uploader 1.7 - SQL Injection / Cross-Site Scripting
2018-05-22
Microsoft Windows - 'POP/MOV SS' Privilege Escalation
2018-05-22
NewsBee CMS 1.4 - 'download.php' SQL Injection
2018-05-22
Feedy RSS News Ticker 2.0 - 'cat' SQL Injection
2018-05-22
Auto Car 1.2 - 'car_title' SQL Injection / Cross-Site Scripting
2018-05-22
NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection
2018-05-22
Linux 4.4.0 < 4.4.0-53 - AF_PACKET chocobo_root Privilege Escalation (Metasploit)
2018-05-22
AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass
2018-05-22
Microsoft Edge Chakra JIT - Magic Value Type Confusion
2018-05-22
Siemens SIMATIC S7-1500 CPU - Remote Denial of Service
2018-05-22
iSocial 1.2.0 - Cross-Site Scripting / Cross-Site Request Forgery
2018-05-22
ERPnext 11 - Cross-Site Scripting
2018-05-22
MakeMyTrip 7.2.4 - Information Disclosure
2018-05-22
PaulPrinting CMS Printing 1.0 - SQL Injection
2018-05-22
Dell EMC RecoverPoint boxmgmt CLI < 5.1.2 - Arbitrary File Read
2018-05-22
Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting
2018-05-22
WebSocket Live Chat - Cross-Site Scripting
2018-05-22
Zechat 1.5 - SQL Injection / Cross-Site Request Forgery
2018-05-22
Nordex N149/4.0-4.5 - SQL Injection
2018-05-22
Adobe Enterprise Manager (AEM) 6.3 - Remote Code Execution Exploit
2018-05-21
MyBiz MyProcureNet 5.0.0 File Upload / Cross Site Scripting Vulnerabilities
2018-05-21
WUZHI CMS 4.1.0 - tag[pinyin] Cross-Site Scripting Vulnerability
2018-05-21
Palo Alto Networks - readSessionVarsFromFile() Session Corruption Exploit
2018-05-21
GitBucket 4.23.1 - Remote Code Execution Exploit
2018-05-21
Zenar Content Management System - Cross-Site Scripting Vulnerability
2018-05-21
Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery Vulnerability
2018-05-21
ManageEngine Recovery Manager Plus 5.3 - Persistent Cross-Site Scripting Vulnerability
2018-05-21
Private Message PHP Script 2.0 - Persistent Cross-Site scripting Vulnerability
2018-05-21
Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - XSS / CSRF Vulnerabilities
2018-05-21
Joomla EkRishta 2.10 Component - Cross-Site Scripting / SQL Injection Vulnerabilities
2018-05-21
D-Link DSL-3782 - Authentication Bypass Vulnerability
2018-05-21
mySCADA myPRO 7 - Hard-Coded Credentials Vulnerability
2018-05-21
Easy MPEG to DVD Burner 1.7.11 - Local Buffer Overflow (SEH) (DEP Bypass) Exploit
2018-05-21
Reliable Datagram Sockets (RDS) Privilege Escalation Exploit
2018-05-21
SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion Vulnerability
2018-05-21
Cisco SA520W Security Appliance - Path Traversal Vulnerability
2018-05-21
SAP NetWeaver Web Dynpro 6.4 < 7.5 - Information Disclosure Vulnerability
2018-05-21
Monstra CMS before 3.0.4 - Cross-Site Scripting Vulnerability
2018-05-21
Powerlogic / Schneider Electric IONXXXX Series - Cross-Site Request Forgery Vulnerability
2018-05-21
Healwire Online Pharmacy 3.0 - XSS / CSRF Vulnerabilities
2018-05-21
Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery Vulnerability
2018-05-21
SuperCom Online Shopping Ecommerce Cart 1 - XSS / CSRF / Authentication bypass Vulnerabilities
2018-05-21
Prime95 29.4b8 - Stack Buffer Overflow (SEH) Exploit
2018-05-21
Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation Exploit
2018-05-21
Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field Exploit
2018-05-21
Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution Exploit
2018-05-21
Microsoft Edge Chakra JIT - Bound Check Elimination Bug Exploit
2018-05-21
DynoRoot DHCP - Client Command Injection Exploit
2018-05-21
HPE iMC 7.3 - Remote Code Execution Exploit
2018-05-21
Jenkins CLI - HTTP Java Deserialization Exploit
2018-05-21
Nanopool Claymore Dual Miner 7.3 - Remote Code Execution Vulnerability
2018-05-21
Intelbras NCLOUD 300 1.0 - Authentication bypass Exploit
2018-05-21
NodAPS 4.0 - SQL injection / Cross-Site Request Forgery Vulnerabilities
2018-05-21
Horse Market Sell & Rent Portal Script 1.5.7 - Cross-Site Request Forgery Vulnerability
2018-05-21
RSA Authentication Manager 8.2.1.4.0-build1394922 / < 8.3 P1 - XML External Entity Injection / Cr
2018-05-21
WordPress Metronet Tag Manager 1.2.7 Plugin - Cross-Site Request Forgery Vulnerability
2018-05-21
MyBB Admin Notes Plugin 1.1 - Cross-Site Request Forgery Vulnerability
2018-05-21
totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery Vulnerability
2018-05-21
Multiplayer BlackJack Online Casino Game 2.5 - Persistent Cross-Site Scripting Vulnerability
2018-05-21
Rockwell Scada System 27.011 - Cross-Site Scripting Vulnerability
2018-05-21
VirtueMart 3.1.14 - Persistent Cross-Site Scripting Vulnerability
2018-05-21
WhatsApp 2.18.31 - Memory Corruption Exploit
2018-05-21
Microsoft Windows - Token Process Trust SID Access Check Bypass Privilege Escalation Exploit
2018-05-21
Inteno IOPSYS 2.0 - 4.2.0 p910nd - Remote Command Execution Exploit
2018-05-21
Libuser roothelper Privilege Escalation Exploit
2018-05-21
IBM Flashsystem / Storwize CSRF / Arbitrary File Read / Information Disclosure Vulnerabilities
2018-05-21
ProjectPier 0.8.8 SQL Injection / Authentication Bypass / RFI Vulnerabilities
2018-05-21
WordPress WP ULike 2.8.1 / 3.1 Arbitrary Data Deletion Vulnerability
2018-05-21
WordPress WP ULike 2.8.1 / 3.1 Cross Site Scripting Vulnerability
2018-05-21
JasperReports - Authenticated File Read Vulnerability
2018-05-21
Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell Shellcode (96 Bytes)
2018-05-21
Monstra CMS 3.0.4 - Remote Code Execution Vulnerability
2018-05-21
XATABoost 1.0.0 - SQL Injection Vulnerability
2018-05-21
MyBB 1.8.x Denial of Service Exploit
2018-05-21
Microsoft Windows 2003 SP2 - RRAS SMB Remote Code Execution Exploit
2018-05-21
WUZHI CMS 4.1.0 - form[qq_10] Cross-Site Scripting Vulnerability
2018-05-21
WordPress WP User Groups 2.0.0 Cross Site Request Forgery Vulnerability
2018-05-21
2345 Security Guard 3.7 - 2345BdPcSafe.sys Denial of Service Exploit
2018-05-21
EMC RecoverPoint 4.3 - Admin CLI Command Injection Vulnerability
2018-05-21
2018-05-21
Open-AudIT Professional - 2.1.1 - Cross-Site Scripting Vulnerability
2018-05-21
Dell Touchpad - ApMsgFwd.exe Denial of Service Exploit
2018-05-21
phpVirtualBox 5.2 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities
2018-05-21
ModbusPal 1.6b - XML External Entity Injection Vulnerability
2018-05-21
Fastweb FASTGate 0.00.47 - Cross-site Request Forgery
2018-05-21
Allok Video Splitter 3.1.12.17 - Denial of Service Exploit
2018-05-21
Mantis 1.1.3 - manage_proj_page PHP Code Execution Exploit
2018-05-21
MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting Vulnerability
2018-05-21
FxCop 10/12 - XML External Entity Injection Vulnerability
2018-05-21
PlaySMS 1.4 - sendfromfile.php?Filename Authenticated Code Execution Exploit
2018-05-21
PlaySMS 1.4 - import.php Authenticated CSV File Upload Code Execution Exploit
2018-05-21
GNU wget - Cookie Injection Vulnerability
2018-05-21
WebKitGTK+ Memory Corruption / Code Execution Vulnerability
2018-05-21
D-Link DIR-868L 1.12 Cross Site Request Forgery Vulnerability
2018-05-21
2345 Security Guard 3.7 - Denial of Service Exploit
2018-05-21
FTPShell Client 6.7 - Buffer Overflow Exploit
2018-05-21
Linux/x86 - execve(/bin/sh) NOT Encoded Shellcode (27 bytes)
2018-05-21
WordPress User Role Editor Plugin < 4.25 - Privilege Escalation Exploit
2018-05-21
HWiNFO 5.82-3410 - Denial of Service Exploit
2018-05-21
DeviceLock Plug and Play Auditor 5.72 - Unicode Buffer Overflow (SEH) Exploit
2018-05-21
D-Link DIR-601 Failed Password Change Control Vulnerability
2018-05-21
CSP MySQL User Manager 2.3.1 SQL Injection Vulnerability
2018-05-21
IceWarp Mail Server < 11.1.1 - Directory Traversal Vulnerability
2018-05-21
WordPress WF Cookie Consent 1.1.3 Plugin - Cross-Site Scripting Vulnerability
2018-05-21
Google Chrome V8 - Object Allocation Size Integer Overflow Exploit
2018-05-21
Windows WMI Recieve Notification Exploit
2018-05-21
Oracle Access Manager 11.1.2.3.0 / 12.2.1.3.0 Authentication Bypass Vulnerability
2018-05-21
MSTAR Set-Top BOX Command Injection Vulnerability
2018-05-21
TP-Link EAP Controller CSRF / Hard-Coded Key / XSS Vulnerabilities
2018-05-21
Watchguard Hard-Coded Credentials / Failed Controls Vulnerability
2018-05-21
Peel Shopping Cart 9.0.0 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities
2018-05-21
Trovebox 4.0.0-rc6 SQL Injection / Bypss / SSRF Vulnerabilties
2018-05-21
osCommerce Installer Unauthenticated Code Execution Exploit
2018-05-21
Wchat PHP AJAX Chat Script 1.5 - Persistent Cross-Site Scripting
2018-05-21
Model Agency Media House & Model Gallery 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Authentication bypass
2018-05-21
Merge PACS 7.0 - Cross-Site Request Forgery
2018-05-21
R v3.4.4 - Local Buffer Overflow (DEP Bypass)
2018-05-21
Auto Dealership & Vehicle Showroom WebSys 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin panel Authentication bypass
2018-05-21
Schneider Electric PLCs - Cross-Site Request Forgery
2018-05-21
Linux 2.6.30 - 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege Escalation (Metasploit)
2018-05-21
Teradek Slice 7.3.15 - Cross-Site Request Forgery
2018-05-21
Teradek Cube 7.3.6 - Cross-Site Request Forgery
2018-05-21
Teradek VidiU Pro 3.0.3 - Server-Side Request Forgery
2018-05-21
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery
2018-05-21
GitBucket 4.23.1 - Remote Code Execution
2018-05-21
Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery
2018-05-21
ManageEngine Recovery Manager Plus 5.3 - Persistent Cross-Site Scripting
2018-05-21
Zenar Content Management System - Cross-Site Scripting
2018-05-21
Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Persistent cross site scripting / Cross site request forgery
2018-05-21
Private Message PHP Script 2.0 - Persistent Cross-Site scripting
2018-05-21
Superfood 1.0 - Multiple Vulnerabilities
2018-05-21
Joomla! Component EkRishta 2.10 - Cross-Site Scripting / SQL Injection
2018-05-21
Easy MPEG to DVD Burner 1.7.11 - Local Buffer Overflow (SEH) (DEP Bypass)
2018-05-21
D-Link DSL-3782 - Authentication Bypass
2018-05-21
mySCADA myPRO 7 - Hard-Coded Credentials
2018-05-21
SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion
2018-05-21
Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation (Metasploit)
2018-05-21
Microsoft Edge Chakra JIT - Bound Check Elimination Bug
2018-05-21
DynoRoot DHCP - Client Command Injection
2018-05-21
Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery
2018-05-21
Cisco SA520W Security Appliance - Path Traversal
2018-05-21
Prime95 29.4b8 - Stack Buffer Overflow (SEH)
2018-05-21
HPE iMC 7.3 - Remote Code Execution (Metasploit)
2018-05-21
SAP NetWeaver Web Dynpro 6.4 < 7.5 - Information Disclosure
2018-05-21
Monstra CMS before 3.0.4 - Cross-Site Scripting
2018-05-21
Healwire Online Pharmacy 3.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
2018-05-21
Microsoft Xbox One 10.0.14393.2152 - Code Execution (PoC)
2018-05-21
Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)
2018-05-21
Jenkins CLI - HTTP Java Deserialization (Metasploit)
2018-05-21
Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field in compat adjtimex Syscall
2018-05-21
Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery
2018-05-21
SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass
2018-05-21
Nanopool Claymore Dual Miner 7.3 - Remote Code Execution
2018-05-21
Intelbras NCLOUD 300 1.0 - Authentication bypass
2018-05-21
NodAPS 4.0 - SQL injection / Cross-Site Request Forgery
2018-05-21
Inteno IOPSYS 2.0 < 4.2.0 - 'p910nd' Remote Command Execution
2018-05-21
RSA Authentication Manager 8.2.1.4.0-build1394922 / < 8.3 P1 - XML External Entity Injection / Cross-Site Flashing / DOM Cross-Site Scripting
2018-05-21
Libuser - 'roothelper' Privilege Escalation (Metasploit)
2018-05-21
WordPress Plugin Metronet Tag Manager 1.2.7 - Cross-Site Request Forgery
2018-05-21
totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery
2018-05-21
Microsoft Windows - Token Process Trust SID Access Check Bypass Privilege Escalation
2018-05-21
WhatsApp 2.18.31 - Memory Corruption
2018-05-21
Horse Market Sell & Rent Portal Script 1.5.7 - Cross-Site Request Forgery
2018-05-21
Multiplayer BlackJack Online Casino Game 2.5 - Persistent Cross-Site Scripting
2018-05-21
Rockwell Scada System 27.011 - Cross-Site Scripting
2018-05-21
VirtueMart 3.1.14 - Persistent Cross-Site Scripting
2018-05-21
MyBB Admin Notes Plugin 1.1 - Cross-Site Request Forgery
2018-05-21
JasperReports - Authenticated File Read
2018-05-21
XATABoost 1.0.0 - SQL Injection
2018-05-21
Monstra CMS 3.0.4 - Remote Code Execution
2018-05-21
Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes)
2018-05-21
2345 Security Guard 3.7 - '2345NsProtect.sys' Denial of Service
2018-05-21
WUZHI CMS 4.1.0 - 'tag[pinyin]' Cross-Site Scripting
2018-05-21
WUZHI CMS 4.1.0 - 'form[qq_10]' Cross-Site Scripting
2018-05-21
Microsoft Windows 2003 SP2 - 'RRAS' SMB Remote Code Execution
2018-05-21
2345 Security Guard 3.7 - '2345BdPcSafe.sys' Denial of Service
2018-05-11
EMC RecoverPoint 4.3 - 'Admin CLI' Command Injection
2018-05-11
Open-AudIT Community - 2.2.0 – Cross-Site Scripting
2018-05-11
Open-AudIT Professional - 2.1.1 - Cross-Site Scripting
2018-05-11
Mantis 1.1.3 - manage_proj_page PHP Code Execution (Metasploit)
2018-05-10
Dell Touchpad - 'ApMsgFwd.exe' Denial of Service
2018-05-10
Linux/x86 - Read /etc/passwd Shellcode (62 bytes)
2018-05-10
MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting
2018-05-10
ModbusPal 1.6b - XML External Entity Injection
2018-05-10
Fastweb FASTGate 0.00.47 - Cross-site Request Forgery
2018-05-10
Allok Video Splitter 3.1.12.17 - Denial of Service
2018-05-09
FxCop 10/12 - XML External Entity Injection
2018-05-09
Linux/x86 - Bind TCP Shell + fork() Shellcode (113 bytes)
2018-05-09
GNU wget - Cookie Injection
2018-05-09
2345 Security Guard 3.7 - Denial of Service
2018-05-08
PlaySMS 1.4 - sendfromfile.php Authenticated "Filename" Field Code Execution (Metasploit)
2018-05-08
PlaySMS - import.php Authenticated CSV File Upload Code Execution (Metasploit)
2018-05-08
Palo Alto Networks - readSessionVarsFromFile() Session Corruption (Metasploit)
2018-05-08
FTPShell Client 6.7 - Buffer Overflow
2018-05-08
WordPress Plugin User Role Editor < 4.25 - Privilege Escalation
2018-05-06
Linux/x86 - execve(/bin/sh) NOT Encoded Shellcode (27 bytes)
2018-05-06
HWiNFO 5.82-3410 - Denial of Service
2018-05-06
DeviceLock Plug and Play Auditor 5.72 - Unicode Buffer Overflow (SEH)
2018-05-06
CSP MySQL User Manager 2.3.1 - Authentication Bypass
2018-05-06
IceWarp Mail Server < 11.1.1 - Directory Traversal
2018-05-04
Windows WMI - Recieve Notification Exploit (Metasploit)
2018-05-04
WordPress Plugin WF Cookie Consent 1.1.3 - Cross-Site Scripting
2018-05-04
Google Chrome V8 - Object Allocation Size Integer Overflow
2018-05-04
Apache Hadoop 2.7.3 Privilege Escalation Vulnerability
2018-05-03
GPON Routers - Authentication Bypass / Command Injection Exploit
2018-05-03
Call of Duty Modern Warefare 2 - Buffer Overflow Exploit
2018-05-03
TBK DVR4104 / DVR4216 - Credentials Leak Exploit
2018-05-03
Norton Core Secure WiFi Router - BLE Command Injection Exploit
2018-05-03
Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service Vulnerability
2018-05-03
Adobe Reader PDF - Client Side Request Injection Exploit
2018-05-03
Windows - Local Privilege Escalation Exploit
2018-05-03
Linux Kernel < 4.17-rc1 - AF_LLC Double Free Exploit
2018-05-03
Exim < 4.90.1 - base64d Remote Code Execution Exploit
2018-05-03
Cockpit CMS 0.4.4-0.5.5 - Server-Side Request Forgery Vulnerability
2018-05-03
LibreOffice / Open Office - .odt Information Disclosure Exploit
2018-05-03
Easy MPEG to DVD Burner 1.7.11 - Local Buffer Overflow (SEH) Exploit
2018-05-03
Apache Struts2 2.0.0 < 2.3.15 - Prefixed Parameters OGNL Injection
2018-05-03
Call of Duty Modern Warefare 2 - Buffer Overflow
2018-05-03
Windows - Local Privilege Escalation
2018-05-03
DLINK DCS-5020L - Remote Code Execution (PoC)
2018-05-03
Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free
2018-05-03
TBK DVR4104 / DVR4216 - Credentials Leak
2018-05-03
GPON Routers - Authentication Bypass / Command Injection
2018-05-03
Norton Core Secure WiFi Router - 'BLE' Command Injection (PoC)
2018-05-03
Adobe Reader PDF - Client Side Request Injection
2018-05-03
Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service
2018-05-03
Exim < 4.90.1 - 'base64d' Remote Code Execution
2018-05-02
Metasploit msfd - Remote Code Execution (Metasploit)
2018-05-02
Metasploit msfd - Remote Code Execution via Browser (Metasploit)
2018-05-02
xdebug - Unauthenticated OS Command Execution (Metasploit)
2018-05-02
Cockpit CMS 0.4.4-0.5.5 - Server-Side Request Forgery
2018-05-02
WebKit - 'WebCore::jsElementScrollHeightGetter' Use-After-Free
2018-05-02
Easy MPEG to DVD Burner 1.7.11 - SEH Local Buffer Overflow
2018-05-02
LibreOffice/Open Office - '.odt' Information Disclosure
2018-05-02
Metasploit msfd Remote Code Execution Exploit
2018-05-02
Metasploit msfd Remote Code Execution Via Browser Exploit
2018-05-02
Linux /dev/urandom RNG Flaws Exploit
2018-05-02
xdebug Unauthenticated OS Command Execution Exploit
2018-05-02
Tpshop 2.0.8 Arbitrary File Download / SSRF Vulnerability
2018-05-02
WebKit WebCore::jsElementScrollHeightGette Use-After-Free Exploit
2018-05-02
Wordpress Responsive Cookie Consent v1.5 / v1.6 / v1.7 - Authenticated Persistent Cross-Site Scripti
2018-05-01
macOS / iOS - ReportCrash mach port Replacement due to Failure to Respect MIG Ownership Rules
2018-05-01
macOS 10.13.2 - Double mach_port_deallocate in kextd due to Failure to Comply with MIG Ownership Rul
2018-05-01
Nagios XI 5.2.[6-9], 5.3, 5.4 - Chained Remote Root Exploit
2018-05-01
Navicat < 12.0.27 - Oracle Connection Overflow Exploit
2018-05-01
Drupal < 7.58 - Drupalgeddon3 Authenticated Remote Code Exploit
2018-05-01
WordPress Form Maker 1.12.20 Plugin - CSV Injection Vulnerability
2018-05-01
Wordpress Responsive Cookie Consent v1.5 / v1.6 / v1.7 - Authenticated Persistent Cross-Site Scripting
2018-05-01
macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MIG Ownership Rules
2018-04-30
macOS 10.13.2 - Double mach_port_deallocate in kextd due to Failure to Comply with MIG Ownership Rules
2018-04-30
Nagios XI 5.2.[6-9], 5.3, 5.4 - Chained Remote Root
2018-04-30
WordPress Plugin Form Maker 1.12.20 - CSV Injection
2018-04-30
Navicat < 12.0.27 - Oracle Connection Overflow
2018-04-30
Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)
2018-04-30
Android Bluetooth - Blueborne Information Leak (2) Exploit
2018-04-30
Android Bluetooth - Blueborne Information Leak (1) Exploit
2018-04-30
Apache Struts 2.0.1 < 2.3.33 / 2.5 < 2.5.10 - Arbitrary Code Execution Exploit
2018-04-30
Oracle Weblogic Server 10.3.6.0/12.1.3.0/12.2.1.2/12.2.1.3 Deserialization Remote Command Execution
2018-04-30
Websphere / JBoss / OpenNMS / Symantec - Java Deserialization Remote Code Execution
2018-04-30
Apache Struts 2.0.1 < 2.3.33 / 2.5 < 2.5.10 - Arbitrary Code Execution
2018-04-29
Android Bluetooth - 'Blueborne' Information Leak (2)
2018-04-29
Android Bluetooth - 'Blueborne' Information Leak (1)
2018-04-29
Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote Command Execution
2018-04-29
Websphere/JBoss/OpenNMS/Symantec Endpoint Protection Manager - Java Deserialization Remote Code Execution
2018-04-29
Drupal Drupalgeddon 2 Forms API Property Injection Exploit
2018-04-27
GitList 0.6 - Unauthenticated Remote Code Execution Exploit
2018-04-27
TP-Link TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot Vulnerability
2018-04-27
Frog CMS 0.9.5 - Persistent Cross-Site Scripting Vulnerability
2018-04-27
Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH) Exploit
2018-04-27
phpLiteAdmin 1.9.7.1 Authorization Bypass Vulnerability
2018-04-27
Drupal < 7.58 - drupalgeddon3 Authenticated Remote Code Execution (PoC) Exploit
2018-04-27
Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command Execution Vulne
2018-04-27
WordPress WP with Spritz 1.0 Plugin - Remote File Inclusion Vulnerability
2018-04-27
October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting Vulnerability
2018-04-27
SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response Exploit
2018-04-27
Frog CMS 0.9.5 - Persistent Cross-Site Scripting
2018-04-26
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot
2018-04-26
Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH)
2018-04-26
GitList 0.6 - Unauthenticated Remote Code Execution
2018-04-26
MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting
2018-04-26
October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting
2018-04-26
SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response
2018-04-26
WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion
2018-04-26
Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command Execution
2018-04-26
Drupal < 7.58 - 'drupalgeddon3' Authenticated Remote Code Execution (PoC)
2018-04-26
HRSALE The Ultimate HRM v1.0.2 - award_id SQL Injection Vulnerability
2018-04-26
HRSALE The Ultimate HRM v1.0.2 - Local File Inclusion Vulnerability
2018-04-26
HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross-Site Scripting Vulnerability
2018-04-26
HRSALE The Ultimate HRM v1.0.2 - CSV Injection Vulnerability
2018-04-26
Blog Master Pro v1.0 - CSV Injection Vulnerability
2018-04-26
Quixplorer 2.4.1 Beta Cross Site Scripting Vulnerability
2018-04-26
Shopy Point of Sale v1.0 - CSV Injection Vulnerability
2018-04-26
Linux/x86 execve /bin/sh Encoded Shellcode (44 bytes)
2018-04-26
Chrome V8 JIT - Arrow Function Scope Fixing Bug Exploit
2018-04-26
Chrome V8 JIT - AwaitedPromise Update Bug Exploit
2018-04-26
Adobe Flash - Out-of-Bounds Write in blur Filtering Exploit
2018-04-26
Adobe Flash - Overflow when Playing Sound Exploit
2018-04-26
Adobe Flash - Overflow in Slab Rendering Exploit
2018-04-26
Adobe Flash - Info Leak in Image Inflation Exploit
2018-04-26
Easy File Sharing Web Server 7.2 - UserID Remote Buffer Overflow (DEP Bypass) Exploit
2018-04-26
Allok Video to DVD Burner 2.6.1217 - Buffer Overflow (SEH) Exploit
2018-04-26
Open-AudIT 2.1 - CSV Macro Injection Vulnerability
2018-04-26
R 3.4.4 fow Windows - Local Buffer Overflow Exploit
2018-04-26
Ericsson-LG iPECS NMS A.1Ac - Cleartext Credential Disclosure Exploit
2018-04-26
gif2apng 1.9 - .gif Stack Buffer Overflow Vulnerability
2018-04-26
WordPress Woo Import Export 1.0 Plugin - Arbitrary File Deletion Vulnerability
2018-04-26
Zyxel ZyWALL ZLD 4.30 Cross Site Scripting Vulnerability
2018-04-26
WSO2 Identity Server 5.3.0 Cross Site Scripting Vulnerability
2018-04-26
Wuzhi CMS 4.1.0 Cross Site Request Forgery Vulnerability
2018-04-26
WordPress UK Cookie Consent - Persistent Cross-Site Scripting Vulnerability
2018-04-26
WordPress WD Instagram Feed Premium 1.3.0 Cross Site Scripting Vulnerability
2018-04-26
Kaspersky KSN for Linux 5.2 - Memory Corruption Exploit
2018-04-26
MyBB Threads To Link 1.3 Cross Site Scripting Vulnerability
2018-04-26
PRTG Network Monitor < 18.1.39.1648 - Stack Overflow Denial of Service Exploit
2018-04-26
Monstra cms 3.0.4 - Persitent Cross-Site Scripting Vulnerability
2018-04-26
phpMyAdmin 4.8.0 < 4.8.0-1 - Cross-Site Request Forgery Vulnerability
2018-04-26
Apache CouchDB 1.7.0 and 2.x before 2.1.1 - Remote Privilege Escalation Exploit
2018-04-26
Ncomputing vSpace Pro v10 and v11 - Directory Traversal PoC
2018-04-26
Interspire Email Marketer - Remote Admin Authentication Bypass Exploit
2018-04-26
Linux/x86 Reverse TCP 127.1.1.1:5555 #Shellcode (73 Bytes)
2018-04-26
ASUS infosvr Authentication Bypass Command Execution Exploit
2018-04-26
lastore-daemon D-Bus Privilege Escalation Exploit
2018-04-26
Drupal Avatar Uploader 7.x-1.0-beta8 Arbitary File Download Vulnerability
2018-04-26
Microsoft Internet Explorer 11.371.16299.0 Denial Of Service Exploit
2018-04-26
Chrome V8 JIT NodeProperties::InferReceiverMaps Type Confusion Exploit
2018-04-26
WordPress WooCommerce 2.0 / 3.0 Directory Traversal Vulnerability
2018-04-26
Cobub Razor 0.8.0 - Physical path Leakage Vulnerability
2018-04-26
Linux/x86 TCP Port 1337 Bindshell Shellcode
2018-04-26
Digital Guardian Management Console 7.1.2.0015 XXE Injection Vulnerability
2018-04-26
Digital Guardian Management Console 7.1.2.0015 Server Side Request Forgery Vulnerability
2018-04-26
Easy File Sharing Web Server 7.2 - Stack Buffer Overflow Exploit
2018-04-26
Rvsitebuilder CMS - Database Backup Download Vulnerability
2018-04-26
Match Clone Script 1.0.4 - Cross-Site Scripting Vulnerability
2018-04-26
Kodi 17.6 - Persistent Cross-Site Scripting Vulnerability
2018-04-26
Lutron Quantum 2.0 - 3.2.243 - Information Disclosure Exploit
2018-04-26
PDFunite 0.41.0 - .pdf Local Buffer Overflow Exploit
2018-04-26
RSVG 2.40.13 / 2.42.2 - .svg Buffer Overflow Exploit
2018-04-26
VX Search 10.6.18 - directory Local Buffer Overflow Exploit
2018-04-26
MySQL Squid Access Report 2.1.4 - SQL Injection / Cross-Site Scripting Vulnerabilities
2018-04-26
WordPress Caldera Forms 1.5.9.1 Plugin - Cross-Site Scripting Vulnerability
2018-04-26
Joomla JS Jobs 1.2.0 Component - Cross-Site Request Forgery Vulnerability
2018-04-26
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - Drupalgeddon2 Remote Code Execution Exploit
2018-04-26
Chrome V8 JIT - Arrow Function Scope Fixing Bug
2018-04-25
Chrome V8 JIT - 'AwaitedPromise' Update Bug
2018-04-25
HRSALE The Ultimate HRM v1.0.2 - Local File Inclusion
2018-04-25
HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross-Site Scripting
2018-04-25
HRSALE The Ultimate HRM v1.0.2 - 'award_id' SQL Injection
2018-04-25
HRSALE The Ultimate HRM v1.0.2 - CSV Injection
2018-04-25
Blog Master Pro v1.0 - CSV Injection
2018-04-25
Shopy Point of Sale v1.0 - CSV Injection
2018-04-25
VMware Workstation 12.5.2 - Drag n Drop Use-After-Free (Pwn2Own 2017) (PoC)
2018-04-25
WSO2 Carbon / WSO2 Dashboard Server 5.3.0 - Persistent Cross-Site Scripting
2018-04-24
Adobe Flash - Out-of-Bounds Write in blur Filtering
2018-04-24
Adobe Flash - Info Leak in Image Inflation
2018-04-24
Adobe Flash - Overflow in Slab Rendering
2018-04-24
Adobe Flash - Overflow when Playing Sound
2018-04-24
Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion
2018-04-24
Microsoft (Win 10) Internet Explorer 11.371.16299.0 - Denial Of Service
2018-04-24
ASUS infosvr - Auth Bypass Command Execution (Metasploit)
2018-04-24
lastore-daemon D-Bus - Privilege Escalation (Metasploit)
2018-04-24
Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass)
2018-04-24
Kaspersky KSN for Linux 5.2 - Memory Corruption
2018-04-24
WordPress Plugin Woo Import Export 1.0 - Arbitrary File Deletion
2018-04-24
gif2apng 1.9 - '.gif' Stack Buffer Overflow
2018-04-24
Allok Video to DVD Burner 2.6.1217 - Buffer Overflow (SEH)
2018-04-24
Linux/x86 - execve /bin/sh Shellcode Encoded with ROT-13 + RShift-2 + XOR Encoded (44 bytes)
2018-04-24
R 3.4.4 - Local Buffer Overflow
2018-04-24
Ericsson-LG iPECS NMS A.1Ac - Cleartext Credential Disclosure
2018-04-24
VLC Media Player/Kodi/PopcornTime 'Red Chimera' < 2.2.5 - Memory Corruption (PoC)
2018-04-24
Interspire Email Marketer < 6.1.6 - Remote Admin Authentication Bypass
2018-04-24
Monstra CMS 3.0.4 - Arbitrary Folder Deletion
2018-04-24
Open-AudIT 2.1 - CSV Macro Injection
2018-04-24
Linux/x86 - cp /bin/sh /tmp/sh; chmod +s /tmp/sh Shellcode (74 bytes)
2018-04-24
Linux/x86 - chmod 4755 /bin/dash Shellcode (33 bytes)
2018-04-24
Linux/x86 - Reverse TCP (5555/TCP) Shellcode - (73 Bytes)
2018-04-24
Linux/x86 - Edit /etc/sudoers with NOPASSWD for ALL Shellcode
2018-04-24
Linux/x86 - Bind TCP (1337/TCP) Shell + Null-Free Shellcode (92 bytes)
2018-04-24
WUZHI CMS 4.1.0 - Cross-Site Request Forgery
2018-04-24
UK Cookie Consent - Persistent Cross-Site Scripting
2018-04-24
Monstra cms 3.0.4 - Persitent Cross-Site Scripting
2018-04-23
Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure
2018-04-23
PRTG Network Monitor < 18.1.39.1648 - Stack Overflow (Denial of Service)
2018-04-23
Apache CouchDB 1.7.0 and 2.x before 2.1.1 - Remote Privilege Escalation
2018-04-23
Ncomputing vSpace Pro v10 and v11 - Directory Traversal PoC
2018-04-23
phpMyAdmin 4.8.0 < 4.8.0-1 - Cross-Site Request Forgery
2018-04-23
Cobub Razor 0.8.0 - Physical path Leakage
2018-04-20
VX Search 10.6.18 - 'directory' Local Buffer Overflow
2018-04-19
Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities
2018-04-19
Joomla! Component JS Jobs 1.2.0 - Cross-Site Request Forgery
2018-04-19
RSVG 2.40.13 / 2.42.2 - '.svg' Buffer Overflow
2018-04-19
PDFunite 0.41.0 - '.pdf' Local Buffer Overflow
2018-04-19
WordPress Plugin Caldera Forms 1.5.9.1 - Cross-Site Scripting
2018-04-19
Lutron Quantum 2.0 - 3.2.243 - Information Disclosure
2018-04-19
Kodi 17.6 - Persistent Cross-Site Scripting
2018-04-19
Match Clone Script 1.0.4 - Cross-Site Scripting
2018-04-19
Easy File Sharing Web Server 7.2 - Stack Buffer Overflow
2018-04-19
Rvsitebuilder CMS - Database Backup Download
2018-04-19
MySQL Squid Access Report 2.1.4 - SQL Injection / Cross-Site Scripting
2018-04-19
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 Drupalgeddon2 Remote Code Execution Exploit
2018-04-17
Microsoft Window Manager (Windows 7 x86) - Menu Management Component UAF Privilege Elevation Exploit
2018-04-17
Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stack Memory Disc
2018-04-17
Microsoft Windows - nt!NtQueryVirtualMemory (Memory(Privileged)BasicInformation) Kernel 64-bit Stack
2018-04-17
Microsoft Windows - nt!NtQueryInformationProcess (ProcessImageFileName) Kernel 64-bit Pool/Stack Mem
2018-04-17
Microsoft Windows - nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation)
2018-04-17
Microsoft Windows - nt!NtQuerySystemInformation (SystemPageFileInformation(Ex)) Kernel 64-bit Stack
2018-04-17
Microsoft Windows - nt!NtQueryVolumeInformationFile Kernel Stack Memory Disclosure Exploit
2018-04-17
Microsoft Windows - nt!NtQueryFullAttributesFile Kernel Stack Memory Disclosure Exploit
2018-04-17
Microsoft Windows - CiSetFileCache TOCTOU Incomplete Fix Exploit
2018-04-17
Microsoft Windows - nt!NtQueryAttributesFile Kernel Stack Memory Disclosure Exploit
2018-04-17
Microsoft Edge - OpenProcess() ACG Bypass Exploit
2018-04-17
Microsoft Windows Kernel (Windows 7 x86) - Local Privilege Escalation (MS16-039) Exploit
2018-04-17
Microsoft Windows Kernel (Windows 7 x86) - Local Privilege Escalation (MS17-017) Exploit
2018-04-17
AMD Plays.tv 1.27.5.0 - plays_service.exe Arbitrary File Execution Exploit
2018-04-17
Zortam MP3 Media Studio 23.45 - Local Buffer Overflow (SEH) Exploit
2018-04-17
Brave Browser < 0.13.0 - window.close(self) Denial of Service Exploit
2018-04-17
Brave Browser < 0.13.0 - long alert() argument Denial of Service Exploit
2018-04-17
D-Link DIR-615 Wireless Router - Persistent Cross Site Scripting Vulnerability
2018-04-17
Joomla jDownloads 3.2.58 Component Cross Site Scripting Vulnerability
2018-04-17
Cobub Razor 0.8.0 SQL Injection Vulnerability
2018-04-17
CloudMe Sync 1.11.0 Local Buffer Overflow Exploit
2018-04-17
Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 Insecure Direct Object Reference Vulnerability
2018-04-17
Barco ClickShare CSE-200 Denial Of Service Vulnerability
2018-04-17
Dell EMC ViPR Controller Information Exposure Vulnerability
2018-04-17
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)
2018-04-17
Microsoft Windows Kernel (Windows 7 x86) - Local Privilege Escalation (MS16-039)
2018-04-17
Microsoft Windows Kernel (Windows 7 x86) - Local Privilege Escalation (MS17-017)
2018-04-17
Microsoft Window Manager (Windows 7 x86) - Menu Management Component UAF Privilege Elevation
2018-04-17
AMD Plays.tv 1.27.5.0 - 'plays_service.exe' Arbitrary File Execution
2018-04-17
Brave Browser < 0.13.0 - 'window.close(self)' Denial of Service
2018-04-17
Brave Browser < 0.13.0 - 'long alert() argument' Denial of Service
2018-04-17
D-Link DIR-615 Wireless Router - Persistent Cross Site Scripting
2018-04-17
Joomla! Component jDownloads 3.2.58 - Cross Site Scripting
2018-04-17
CloudMe Sync 1.11.0 - Local Buffer Overflow
2018-04-17
Sophos Cyberoam UTM CR25iNG - 10.6.3 MR-5 - Direct Object Reference
2018-04-17
Zortam MP3 Media Studio 23.45 - Local Buffer Overflow (SEH)
2018-04-17
Microsoft Edge - 'OpenProcess()' ACG Bypass
2018-04-17
Microsoft Windows - 'CiSetFileCache' TOCTOU Incomplete Fix
2018-04-17
Microsoft Windows - 'nt!NtQueryVirtualMemory (MemoryImageInformation)' Kernel 64-bit Stack Memory Disclosure
2018-04-17
Microsoft Windows - 'nt!NtQueryVirtualMemory (Memory(Privileged)BasicInformation)' Kernel 64-bit Stack Memory Disclosure
2018-04-17
Microsoft Windows - 'nt!NtQueryInformationProcess (ProcessImageFileName)' Kernel 64-bit Pool/Stack Memory Disclosure
2018-04-17
Microsoft Windows - 'nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation)' Kernel Pool Memory Disclosure
2018-04-17
Microsoft Windows - 'nt!NtQuerySystemInformation (SystemPageFileInformation(Ex))' Kernel 64-bit Stack Memory Disclosure
2018-04-17
Microsoft Windows - 'nt!NtQueryVolumeInformationFile' Kernel Stack Memory Disclosure
2018-04-17
Microsoft Windows - 'nt!NtQueryAttributesFile' Kernel Stack Memory Disclosure
2018-04-17
Microsoft Windows - 'nt!NtQueryFullAttributesFile' Kernel Stack Memory Disclosure
2018-04-17
Barco ClickShare CSE-200 - Remote Denial of Service
2018-04-16
SysGauge Pro 4.6.12 - Local Buffer Overflow (SEH)
2018-04-16
Cobub Razor 0.8.0 - SQL injection
2018-04-16
Microsoft Credential Security Support Provider - Remote Code Execution Vulnerability
2018-04-14
GNU Beep 1.3 - HoleyBeep Local Privilege Escalation Exploit
2018-04-14
MikroTik 6.41.4 - FTP daemon Denial of Service PoC
2018-04-14
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 Drupalgeddon2 Remote Code Execution Exploit
2018-04-14
Microsoft Credential Security Support Provider - Remote Code Execution
2018-04-13
GNU Beep 1.3 - 'HoleyBeep' Local Privilege Escalation
2018-04-13
MikroTik 6.41.4 - FTP daemon Denial of Service PoC
2018-04-13
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
2018-04-13
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)
2018-04-13
Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection) Vulnerability
2018-04-13
Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)
2018-04-12
IMP XForm 2.0 DatalifeEngine SQL Injection Vulnerability
2018-04-12
F5 BIG-IP 11.6 SSL Virtual Server - Ticketbleed Memory Disclosure Exploit
2018-04-12
SysGauge Pro 4.6.12 Local Buffer Overflow Exploit
2018-04-12
F5 BIG-IP 11.6 SSL Virtual Server - 'Ticketbleed' Memory Disclosure
2018-04-12
WordPress Image Zoom 1.23 Plugin Denial Of Service Vulnerability
2018-04-11
WordPress Rating-Widget: Star Review System 2.8.9 Information Disclosure Vulnerability
2018-04-11
Wordpress Relevanssi 3.5.12 / 3.6.0 SQL Injection Vulnerability
2018-04-11
Linux/x64 - x64 Assembly Shellcode (Generator)
2018-04-11
WordPress File Upload Plugin 4.3.3 - Stored Cross Site Scripting Vulnerability
2018-04-11
WordPress File Upload Plugin 4.3.2 - Stored Cross Site Scripting Vulnerability
2018-04-11
Wordpress Activity Log 2.4.0 Plugin - Stored Cross Site Scripting Vulnerability
2018-04-11
Google Chrome V8 JIT #GoogleChrome - LoadElimination::ReduceTransitionElementsKind Type Confusion Ex
2018-04-11
WUZHI CMS 4.1.0 - Add User Account Cross-Site Request Forgery Vulnerability
2018-04-11
WUZHI CMS 4.1.0 - Add Admin Account Cross-Site Request Forgery Vulnerability
2018-04-11
DVDX Player Standard 5.5.3.9 - Buffer Overflow Vulnerability
2018-04-11
WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS
2018-04-10
WordPress File Upload Plugin 4.3.2 - Stored Cross Site Scripting
2018-04-10
Google Chrome V8 JIT - 'LoadElimination::ReduceTransitionElementsKind' Type Confusion
2018-04-10
Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid Access Control
2018-04-10
WUZHI CMS 4.1.0 - ‘Add User Account’ Cross-Site Request Forgery
2018-04-10
WUZHI CMS 4.1.0 - ‘Add Admin Account’ Cross-Site Request Forgery
2018-04-10
DVD X Player Standard 5.5.3.9 - Buffer Overflow
2018-04-10
Wordpress Plugin Activity Log 2.4.0 - Stored Cross Site Scripting
2018-04-10
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting
2018-04-10
WordPress Google Drive 2.2 Plugin - Remote Code Execution Vulnerability
2018-04-10
iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Vulnerability
2018-04-10
WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution Vulnerability
2018-04-10
Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution Exploit
2018-04-10
KYOCERA Net Admin 3.4 - Cross Site Request Forgery - Add Admin Exploit
2018-04-10
KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection Vulnerability
2018-04-10
SSH / SSL RSA Private Key Passphrase Dictionary Enumerator Exploit
2018-04-10
CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution Vulnerabili
2018-04-10
WordPress Simple Fields Plugin 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution Vul
2018-04-10
Yahei PHP Prober 0.4.7 - Cross-Site Scripting Vulnerability
2018-04-10
MyBB Recent Threads On Index Plugin - Cross-Site Scripting Vulnerability
2018-04-10
Cobub Razor 0.7.2 - Add New Superuser Account Vulnerability
2018-04-10
WolfCMS 0.8.3.1 - Cross Site Request Forgery / Open Redirection Vulnerabilities
2018-04-10
PMS 0.42 - Local Stack-Based Overflow (ROP) Exploit
2018-04-10
GoldWave 5.70 - Local Buffer Overflow (SEH Unicode) Exploit
2018-04-10
H2Database - Alias Arbitrary Code Execution Exploit
2018-04-10
CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure Vulnerability
2018-04-10
WebKit - WebAssembly Parsing Does not Correctly Check Section Order Vulnerability
2018-04-10
Onethink CMS Server Side Request Forgery Vulnerability
2018-04-10
Cockpit CMS 0.13.0 Server Side Request Forgery Vulnerability
2018-04-10
Dell EMC Avamar / Integrated Data Protection Missing Access Control Vulnerability
2018-04-10
Video Downloader Universal Cross Site Scripting Vulnerability
2018-04-10
Atlassian Fisheye / Crucible 4.5.2 Code Execution Vulnerability
2018-04-10
Atlassian Bamboo 6.x Code Execution Vulnerability
2018-04-10
LineageOS 14.1 Blueborne - Remote Code Execution Vulnerability
2018-04-10
Cobub Razor 0.7.2 - Cross Site Request Forgery Vulnerability
2018-04-10
WebRTC - Private IP Leakage Exploit
2018-04-10
Z-Blog 1.5.1.1740 - Full Path Disclosure Vulnerability
2018-04-10
Z-Blog 1.5.1.1740 - Cross-Site Scripting Vulnerability
2018-04-10
GetSimple CMS 3.3.13 - Cross-Site Scripting Vulnerability
2018-04-10
YzmCMS 3.6 - Cross-Site Scripting Vulnerability
2018-04-10
Microsoft Windows Defender - mpengine.dll Memory Corruption Exploit
2018-04-10
Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods Exploit
2018-04-10
MyBB Downloads 2.0.3 Plugin - Cross-Site Scripting Vulnerability
2018-04-10
Joomla JS Jobs 1.2.0 Component - Cross-Site Scripting Vulnerability
2018-04-10
Adobe Flash 28.0.0.137 Remote Code Execution Exploit
2018-04-10
Microsoft Sharepoint 14.x Cross Site Scripting Vulnerability
2018-04-10
FiberHome VDSL2 Modem HG 150-UB Login Bypass Vulnerability
2018-04-10
KeePass Simple Dictionary Password Enumerator Exploit
2018-04-10
PMS 0.42 Stack-Based Buffer Overflow Exploit
2018-04-10
Sophos Endpoint Protection 10.7 Tamper Protection Bypass Vulnerability
2018-04-10
Sophos Endpoint Protection 10.7 Insecure Cryptography Vulnerability
2018-04-10
ProcessMaker - Plugin Upload Exploit
2018-04-10
Moxa AWK-3131A 1.4 < 1.7 - Username OS Command Injection Exploit
2018-04-10
Google Chrome V8 - ElementsAccessorBase::CollectValuesOrEntriesImpl Type Confusion
2018-04-10
Google Chrome V8 - Genesis::InitializeGlobal Out-of-Bounds Read/Write Exploit
2018-04-10
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2) Exploit
2018-04-10
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix) Exploit
2018-04-10
ShoprLynx 9.2.3 Insecure File Permissions Vulnerability
2018-04-10
Tpshop <= 2.0.6 Server Side Request Forgery Vulnerability
2018-04-10
Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal Vulnerability
2018-04-10
ModSecurity WAF 3.0 for Nginx - Denial of Service Vulnerability
2018-04-10
OpenCMS 10.5.3 - Cross-Site Scripting Vulnerability
2018-04-10
OpenCMS 10.5.3 - Cross-Site Request Forgery Vulnerability
2018-04-10
Nginx 1.13.10 Accept-Encoding Line Feed Injection Exploit
2018-04-10
WordPress Plugin Google Drive 2.2 - Remote Code Execution
2018-04-09
iScripts SonicBB 1.0 - Reflected Cross-Site Scripting
2018-04-09
WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution
2018-04-09
Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution
2018-04-09
KYOCERA Net Admin 3.4 - Cross Site Request Forgery - Add Admin Exploit
2018-04-09
KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection
2018-04-09
CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution
2018-04-09
CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure
2018-04-09
WebKit - WebAssembly Parsing Does not Correctly Check Section Order
2018-04-09
PMS 0.42 - Local Stack-Based Overflow (ROP)
2018-04-09
WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution
2018-04-09
Yahei PHP Prober 0.4.7 - Cross-Site Scripting
2018-04-09
GoldWave 5.70 - Local Buffer Overflow (SEH Unicode)
2018-04-09
H2 Database - 'Alias' Arbitrary Code Execution
2018-04-09
WolfCMS 0.8.3.1 - Open Redirection
2018-04-09
MyBB Plugin Recent Threads On Index - Cross-Site Scripting
2018-04-09
Cobub Razor 0.7.2 - Add New Superuser Account
2018-04-09
WolfCMS 0.8.3.1 - Cross Site Request Forgery
2018-04-09
Cobub Razor 0.7.2 - Cross Site Request Forgery
2018-04-06
LineageOS 14.1 Blueborne - RCE
2018-04-06
DotNetNuke DNNarticle Module 11 - Directory Traversal
2018-04-06
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass
2018-04-06
Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption
2018-04-06
Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass
2018-04-06
GetSimple CMS 3.3.13 - Cross-Site Scripting
2018-04-05
Z-Blog 1.5.1.1740 - Full Path Disclosure
2018-04-05
Z-Blog 1.5.1.1740 - Cross-Site Scripting
2018-04-05
YzmCMS 3.6 - Cross-Site Scripting
2018-04-05
WebRTC - Private IP Leakage (Metasploit)
2018-04-05
Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods
2018-04-05
Microsoft Windows Defender - 'mpengine.dll' Memory Corruption
2018-04-05
Joomla! Component JS Jobs 1.2.0 - Cross-Site Scripting
2018-04-05
MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting
2018-04-05
ProcessMaker - Plugin Upload (Metasploit)
2018-04-04
Moxa AWK-3131A 1.4 < 1.7 - 'Username' OS Command Injection
2018-04-04
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2)
2018-04-03
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix)
2018-04-03
Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write
2018-04-03
Google Chrome V8 - 'ElementsAccessorBase::CollectValuesOrEntriesImpl' Type Confusion
2018-04-03
Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change
2018-04-02
Secutech RiS-11/RiS-22/RiS-33 5.07.52_es_FRI01 Remote DNS Changer Vulnerability
2018-04-02
IBM Virtual Security Operations Center (VSOC) Cross Site Scripting Vulnerability
2018-04-02
DotNetNuke DNNarticle Directory Traversal Vulnerability
2018-04-02
OpenCMS 10.5.3 - Cross-Site Scripting
2018-04-02
OpenCMS 10.5.3 - Cross-Site Request Forgery
2018-04-02
D-Link DIR-601 - Admin Password Disclosure Vulnerability
2018-04-02
WebLog Expert Enterprise 9.4 - Privilege Escalation Vulnerability
2018-04-02
WampServer 3.1.1 - Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
2018-04-02
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User) Vulnerability
2018-04-02
WebLog Expert Enterprise 9.4 - Privilege Escalation
2018-04-02
DLink DIR-601 - Admin Password Disclosure
2018-04-02
VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials
2018-04-02
VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal
2018-04-02
WampServer 3.1.2 - Cross-Site Request Forgery
2018-04-02
WampServer 3.1.1 - Cross-Site Scripting / Cross-Site Request Forgery
2018-04-02
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)
2018-04-02
VideoFlow Digital Video Protection DVP 10 Authenticated Root Remote Code Execution Vulnerability
2018-04-01
VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal Vulnerability
2018-04-01
glibc LD_AUDIT libmemusage.so RHEL-Based Arbitrary DSO Load Privilege Escalation Exploit
2018-04-01
WampServer 3.1.2 CSRF to add or delete any virtual hosts remotely Vulnerability
2018-04-01
osCommerce 2.3.4.1 - Remote Code Execution Exploit
2018-03-31
SysGauge 4.5.18 - Local Denial of Service Exploit
2018-03-31
Systematic SitAware - NVG Denial of Service Exploit
2018-03-31
Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload Exploit
2018-03-31
Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow Exploit
2018-03-31
Tenda FH303/A300 Firmware V5.07.68_EN - Remote DNS Change Vulnerability
2018-03-31
Tenda W3002R/A302/w309r Wireless Router V5.07.64_en - Remote DNS Change Vulnerability
2018-03-31
Tenda W316R Wireless Router 5.07.50 - Remote DNS Change Vulnerability
2018-03-31
Joomla AcySMS 3.5.0 Component - CSV Macro Injection Vulnerability
2018-03-31
Joomla Acymailing Starter 5.9.5 Component - CSV Macro Injection Vulnerability
2018-03-31
Wordpress Contact Form 7 to Database Extension 2.10.32 Plugin - CSV Injection Vulnerability
2018-03-31
WordPress WP Security Audit Log 3.1.1 Plugin - Sensitive Information Disclosure Vulnerability
2018-03-31
Wordpress Relevanssi 4.0.4 Plugin - Reflected Cross-Site Scripting Vulnerability
2018-03-31
Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow Exploit
2018-03-31
Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow Exploit
2018-03-31
Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow (SEH) Exploit
2018-03-31
Homematic CCU2 2.29.23 - Remote Command Execution Exploit
2018-03-31
Homematic CCU2 2.29.23 - Arbitrary File Write Exploit
2018-03-31
MiniCMS 1.10 - Cross-Site Request Forgery Vulnerability
2018-03-31
Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow
2018-03-30
Tenda FH303/A300 Firmware V5.07.68_EN - Remote DNS Change
2018-03-30
Tenda W3002R/A302/w309r Wireless Router V5.07.64_en - Remote DNS Change (PoC)
2018-03-30
Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)
2018-03-30
D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass
2018-03-30
Tenda W316R Wireless Router 5.07.50 - Remote DNS Change
2018-03-30
Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer Overflow
2018-03-30
Systematic SitAware - NVG Denial of Service
2018-03-30
osCommerce 2.3.4.1 - Remote Code Execution
2018-03-30
Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change PoC
2018-03-30
SysGauge 4.5.18 - Local Denial of Service
2018-03-30
WordPress Plugin WP Security Audit Log 3.1.1 - Sensitive Information Disclosure
2018-03-30
Joomla! Component AcySMS 3.5.0 - CSV Macro Injection
2018-03-30
Joomla! Component Acymailing Starter 5.9.5 - CSV Macro Injection
2018-03-30
Homematic CCU2 2.29.23 - Remote Command Execution
2018-03-30
Wordpress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection
2018-03-30
Wordpress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting
2018-03-30
Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow
2018-03-30
Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow
2018-03-30
Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow (SEH)
2018-03-30
MiniCMS 1.10 - Cross-Site Request Forgery
2018-03-30
Homematic CCU2 2.29.23 - Arbitrary File Write
2018-03-30
Open-AuditIT Professional 2.1 - Cross-Site Request Forgery
2018-03-30
Sony Playstation 4 (PS4) - PS4 4.55 BPF Race Condition Kernel Exploit Writeup
2018-03-30
Square 9 GlobalForms 6.2.x Blind SQL Injection Exploit
2018-03-29
Tenda W308R V2 Wireless Router 5.07.48 DNS Changer Exploit
2018-03-29
ManageEngine Application Manager Remote Code Execution Exploit
2018-03-29
Crea8Social Social Network Script - Multiple Cross-Site Scripting Vulnerabilities
2018-03-29
Exodus Wallet (ElectronJS Framework) - Remote Code Execution Exploit
2018-03-29
GitStack - Unsanitized Argument Remote Code Execution Exploit
2018-03-29
Drupal 7.0 < 7.31 - Drupalgeddon SQL Injection (Admin Session) Exploit
2018-03-29
Joomla Fields Component - SQL Injection Remote Code Execution Exploit
2018-03-29