| 2021-03-25 |
Git-LFS <= 2.12 Remote Code Execution (RCE) Vulnerability CVE-2020-27955 |
https://legalhackers.com/ |
|
| 2021-03-25 |
Wget < 1.18 Arbitrary File Upload / Remote Code Execution (CVE-2016-4971) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Invision Power Board <= 3.0.4 Local PHP File Inclusion and SQL Injection |
https://legalhackers.com/ |
|
| 2021-03-25 |
Zabbix <= 1.8.1 SQL Injection |
https://legalhackers.com/ |
|
| 2021-03-25 |
Nagios - NRPE - Nagios Remote Plugin Executor <= 2.15 Remote Command Execution |
https://legalhackers.com/ |
|
| 2021-03-25 |
Nagios - Nagios Plugins - check_dhcp <= 2.0.1 Arbitrary Option File Read |
https://legalhackers.com/ |
|
| 2021-03-25 |
Nagios - Nagios Plugins - check_dhcp = 2.0.2 Race Condition |
https://legalhackers.com/ |
|
| 2021-03-25 |
Zend Framework <= 2.4.2 XML eXternal Entity Injection (XXE) on PHP FPM |
https://legalhackers.com/ |
|
| 2021-03-25 |
Kirby CMS <= 2.1.0 CSRF Content Upload and PHP Script Execution |
https://legalhackers.com/ |
|
| 2021-03-25 |
Kirby CMS <= 2.1.0 Authentication Bypass via Path Traversal |
https://legalhackers.com/ |
|
| 2021-03-25 |
eBay Magento <= 1.9.2.1 Unrestricted Cron Script (Potential Code Execution / DoS) |
https://legalhackers.com/ |
|
| 2021-03-25 |
eBay Magento <= 1.9.2.1 XML eXternal Entity Injection (XXE) on PHP FPM |
https://legalhackers.com/ |
|
| 2021-03-25 |
Google AdWords API client libraries - XML eXternal Entity Injection (XXE) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Google AdWords API PHP client library <= 6.2.0 PHP Code Execution |
https://legalhackers.com/ |
|
| 2021-03-25 |
Exim <= 4.86.2 Local Root Privilege Escalation |
https://legalhackers.com/ |
|
| 2021-03-25 |
CakePHP Framework <= 3.2.4 IP Spoofing Vulnerability |
https://legalhackers.com/ |
|
| 2021-03-25 |
vBulletin <= 5.2.2 Preauth Server Side Request Forgery (SSRF) (CVE-2016-6483) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Wordpress 4.6 - Unauthenticated RCE Exploit (Remote Code Execution) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Nagios Core < 4.2.2 Curl Command Injection / Code Execution (CVE-2016-9565 / CVE-2008-4796) |
https://legalhackers.com/ |
|
| 2021-03-25 |
SquirrelMail <= 1.4.22 <= 1.4.23 Remote Code Execution (CVE-2017-7692) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Zend Framework / zend-mail < 2.4.11 Remote Code Execution (CVE-2016-10034) |
https://legalhackers.com/ |
|
| 2021-03-25 |
SwiftMailer <= 5.4.5-DEV Remote Code Execution (CVE-2016-10074) |
https://legalhackers.com/ |
|
| 2021-03-25 |
PHPMailer < 5.2.20 Remote Code Execution (CVE-2016-10045) (0day Patch Bypass/Exploit) |
https://legalhackers.com/ |
|
| 2021-03-25 |
PHPMailer < 5.2.18 Remote Code Execution (CVE-2016-10033) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Nagios Core < 4.2.4 Root Privilege Escalation (CVE-2016-9566) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Wget < 1.18 Access List Bypass / Race Condition (CVE-2016-7098) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Adobe ColdFusion <= 11 XML External Entity (XXE) Injection (CVE-2016-4264) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Nginx (Debian-based + Gentoo distros) - Root Privilege Escalation (CVE-2016-1247) |
https://legalhackers.com/ |
|
| 2021-03-25 |
MySQL / MariaDB / Percona - Privilege Esc. / Race Condition (CVE-2016-6663 / CVE-2016-5616) |
https://legalhackers.com/ |
|
| 2021-03-25 |
MySQL / MariaDB / Percona - Root Privilege Escalation (CVE-2016-6664 / CVE-2016-5617) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Apache Tomcat (RedHat-based distros) - Root Privilege Escalation (CVE-2016-5425) |
https://legalhackers.com/ |
|
| 2021-03-25 |
Apache Tomcat (Debian-based distros) <= 6/7/8 Root Privilege Escalation (CVE-2016-1240) |
https://legalhackers.com/ |
|
| 2021-03-25 |
MySQL / MariaDB / Percona - Remote Root Code Execution / Privilege Esc. (0day) (CVE-2016-6662) |
https://legalhackers.com/ |
|
| 2021-03-25 |
WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution |
https://legalhackers.com/ |
|
