| 2024-05-07 |
RansomLord v3 - Anti-Ransomware Exploitation Tool / New Release |
malvuln |
|
| 2024-05-07 |
POMS-PHP-(by oretnom23 )-v1.0-FU-SQLi-RCE-HAT.TRICK |
nu11secur1ty |
|
| 2024-05-07 |
Systemd Insecure PTY Handling |
Adam Gowdiak |
|
| 2024-05-07 |
Kobiz Design - Sql Injection |
behrouz mansoori |
|
| 2024-05-07 |
Docker Privileged Container Kernel Escape |
Eran Ayalon |
|
| 2024-05-07 |
Live2D Cubism Heap Corruption |
PT |
|
| 2024-05-06 |
htmlLawed 1.2.5 Remote Command Execution |
d4t4s3c |
|
| 2024-05-06 |
Oracuz - Blind Sql Injection |
behrouz mansoori |
|
| 2024-05-06 |
Kobiz Design - Blind Sql Injection |
behrouz mansoori |
|
| 2024-05-05 |
Sandhya Branding Agency - Blind Sql Injection |
behrouz mansoori |
|
| 2024-05-05 |
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Disclosure |
Gjoko 'LiquidWorm' Krstic |
|
| 2024-05-05 |
Microsoft PlayReady Cryptography Weakness |
Adam Gowdiak |
|
| 2024-05-05 |
Webenlive - Sql Injection |
behrouz mansoori |
|
| 2024-05-05 |
SOPlanning 1.52.00 Cross Site Scripting |
liquidsky |
|
| 2024-05-05 |
SOPlanning 1.52.00 SQL Injection |
liquidsky |
|
| 2024-05-05 |
SOPlanning 1.52.00 Cross Site Request Forgery |
liquidsky |
|
| 2024-05-05 |
BitraTech - Sql Injection |
behrouz mansoori |
|
| 2024-05-05 |
Bigem Teknoloji - Blind Sql Injection |
behrouz mansoori |
|
| 2024-05-01 |
Kemp LoadMaster Unauthenticated Command Injection |
Dave Yesland |
|
| 2024-05-01 |
Doctor Appointment Management System 1.0 Cross Site Scripting |
SoSPiro |
|
| 2024-05-01 |
osCommerce 4 - Reflected XSS |
CraCkEr |
|
| 2024-05-01 |
Travel-Manager-OTMSP-1.0 Multiple SQLi |
nu11secur1ty |
|
| 2024-04-28 |
Positron Broadcast Signal Processor TRA7005 v1.20 Authentication Bypass |
LiquidWorm |
|
| 2024-04-28 |
GitLens Git Local Configuration Execution |
h00die |
|
| 2024-04-28 |
fvgfl - SQL Injection vulnerability |
Mahdi Karimi |
|
| 2024-04-25 |
FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution |
Spencer McIntyre |
|
| 2024-04-25 |
Relate Learning And Teaching system Version before 2024.1 SSTI(Markup Sandbox function) lead to RCE |
kai6u |
|
| 2024-04-25 |
Palo Alto PAN-OS Command Execution / Arbitrary File Creation |
Kr0ff |
|
| 2024-04-25 |
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution |
sfewer-r7 |
|
| 2024-04-25 |
Hikvision Camera - Remote command execution |
parsa rezaie khiabanloo |
|
| 2024-04-25 |
Apache Solr Backup/Restore API Remote Code Execution |
jheysel-r7 |
|
| 2024-04-25 |
Nginx 1.25.5 Host Header Validation |
dhteam |
|
| 2024-04-23 |
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass |
LiquidWorm |
|
| 2024-04-23 |
LRMS-PHP-by-oretnom23-v1.0 hat-trick |
nu11secur1ty |
|
| 2024-04-22 |
WBCE CMS Version 1.6.1 Remote Command Execution (Authenticated) |
tmrswrr |
|
| 2024-04-22 |
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference |
LiquidWorm |
|
| 2024-04-22 |
Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass |
LiquidWorm |
|
| 2024-04-22 |
Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference |
LiquidWorm |
|
| 2024-04-22 |
North Wales - Sql Injection |
behrouz mansoori |
|
| 2024-04-22 |
Relate Learning And Teaching system Version before 2024.1 Stored XSS |
kai6u |
|
| 2024-04-22 |
Solar-Log Base 2000- Broken Access Control |
parsa rezaie khiabanloo |
|
| 2024-04-22 |
Relate Learning And Teaching system Version before 2024.1 SSTI(Page Sandbox function) lead to RCE |
kai6u |
|
| 2024-04-22 |
Flowise 1.6.5 Authentication Bypass |
Maerifat Majeed |
|
| 2024-04-22 |
Wordpress Plugin Alemha Watermarker 1.3.1 Stored Cross-Site Scripting (XSS) |
Erdemstar |
|
| 2024-04-17 |
BMC Compuware iStrobe Web 20.13 Pre-auth RCE |
trancap |
|
| 2024-04-17 |
Centreon 23.10-1.el8 SQL Injection |
Cody Sixteen |
|
| 2024-04-17 |
CrushFTP Remote Code Execution |
Christophe de la Fuente |
|
| 2024-04-17 |
kruxton-1.0-FileUpload-RCE |
nu11secur1ty |
|
| 2024-04-17 |
Backdoor.Win32.Dumador.c / Remote Stack Buffer Overflow (SEH) |
malvuln |
|
| 2024-04-16 |
Amazon AWS Glue Database Password Disclosure |
Michael Werner |
|
| 2024-04-16 |
OpenClinic GA 5.247.01 Path Traversal (Authenticated) |
V. B. |
|
| 2024-04-16 |
PrusaSlicer 2.6.1 Arbitrary Code Execution |
Kamil Brenski |
|
| 2024-04-16 |
AMPLE BILLS 0.1 SQL injection |
nu11secur1ty |
|
| 2024-04-16 |
kruxton-1.0-Multiple-SQLi |
nu11secur1ty |
|
| 2024-04-16 |
Django REST Framework SimpleJWT 5.3.1 Information Disclosure |
Dhrumil Mistry |
|
| 2024-04-16 |
Jenkins 2.441 Local File Inclusion |
Matisse Beckandt |
|
| 2024-04-16 |
Moodle 3.10.1 SQL Injection |
Julio Ángel Ferrari |
|
| 2024-04-15 |
Bigem Teknoloji - Sql Injection |
behrouz mansoori |
|
| 2024-04-15 |
Ray OS 2.6.3 Command Injection |
Fire_Wolf |
|
| 2024-04-15 |
Casdoor < v1.331.0 /api/set-password CSRF |
Van Lam Nguyen |
|
| 2024-04-15 |
MinIO < 2024-01-31T20-20-33Z Privilege Escalation |
Jenson Zhao |
|
| 2024-04-15 |
Wordpress Plugin Playlist for Youtube 1.32 Stored Cross-Site Scripting (XSS) |
Erdemstar |
|
| 2024-04-15 |
Terratec dmx_6fire USB 1.23.0.02 Unquoted Service Path |
Joseph Kwabena Fiagbor |
|
| 2024-04-15 |
Blood Bank v1.0 Stored Cross Site Scripting (XSS) |
Ersin Erenler |
|
| 2024-04-15 |
AMPLE BILLS 0.1 Multiple-SQLi |
nu11secur1ty |
|
| 2024-04-12 |
Fuxnet: Disabling Russia's Industrial Sensor And Monitoring Infrastructure |
ruexfil |
|
| 2024-04-12 |
OX App Suite 7.10.6 Cross Site Scripting / Deserialization Issue |
Martin Heiland |
|
| 2024-04-12 |
Trimble TM4Web 22.2.0 Privilege Escalation / Access Code Disclosure |
Clement Cruchet |
|
| 2024-04-12 |
Concrete CMS 9.2.7 Cross Site Scripting / Open Redirect |
Andrey Stoykov |
|
| 2024-04-12 |
GUnet OpenEclass E-learning 3.15 File Upload / Command Execution |
Georgios Tsimpidas |
|
| 2024-04-09 |
Trojan.Win32.Razy.abc / Insecure Permissions (In memory IPC) |
malvuln |
|
| 2024-04-09 |
HTMLy 2.9.6 Cross Site Scripting |
tmrswrr |
|
| 2024-04-09 |
DerbyNet 9.0 render-document.php Cross Site Scripting |
Valentin Lobstein |
|
| 2024-04-09 |
Backdoor.Win32.Agent.ju (PSYRAT) / Authentication Bypass RCE |
malvuln |
|
| 2024-04-09 |
Savane v.3.12 Bad Seed Vulnerability and CSRF Bypass |
Ally Petitt |
|
| 2024-04-09 |
UP-RESULT 0.1 2024 SQL Injection |
nu11secur1ty |
|
| 2024-04-09 |
Daily Expense Manager 1.0 SQL Injection |
Stefan Hesselman |
|
| 2024-04-09 |
Wordpress Plugin Membership For WooCommerce < v2.1.7 Arbitrary File Upload to Shell (Unauthenticated) |
Milad Karimi |
|
| 2024-04-09 |
AnyDesk 7.0.15 Unquoted Service Path |
Milad Karimi |
|
| 2024-04-07 |
hrm2024.1.0-Multiple-SQLi |
nu11secur1ty |
|
| 2024-04-07 |
Seo Panel 4.7.0 Cross Site Scripting |
Arzu Demirez |
|
| 2024-04-07 |
SolarView Compact 6.00 - Command Injection |
parsa rezaie khiabanloo |
|
| 2024-04-07 |
Human Resource Management System 2024 1.0 SQL Injection |
nu11secur1ty |
|
| 2024-04-06 |
Gibbon School Platform 26.0.00 Remote Code Execution |
h00die-gr3y |
|
| 2024-04-02 |
Workout Journal App 1.0 Cross Site Scripting |
MURAT CAGRI ALIS |
|
| 2024-04-02 |
Rapid7 nexpose vulnerability management software - 'nexposeconsole' Unquoted Service Path |
Saud Alenazi |
|
| 2024-04-02 |
OpenCart Core 'search' - Blind SQLi |
Saud Alenazi |
|
| 2024-04-02 |
ARIS: Business Process Management 10.0.21.0 Cross Site Scripting |
Seid Yassin |
|
| 2024-04-02 |
BioTime Directory Traversal / Remote Code Execution |
w3bd3vil |
|
| 2024-04-02 |
Gibbon 26.0.00 Server-Side Template Injection / Remote Code Execution |
Islam Rzayev |
|
| 2024-03-30 |
Circontrol Raption Buffer Overflow / Command Injection |
Dariusz Gonda |
|
| 2024-03-30 |
util-linux wall Escape Sequence Injection |
Skyler Ferrante |
|
| 2024-03-30 |
FusionPBX Session Fixation |
Yogesh Bhandage |
|
| 2024-03-30 |
Purei CMS 1.0 SQL Injection |
Number 7 |
|
| 2024-03-30 |
WatchGuard XTM Firebox Unauthenticated Remote Command Execution |
Charles FOL |
|
| 2024-03-30 |
FoF Pretty Mail 1.1.2 Command Injection |
Chokri Hammedi |
|
| 2024-03-30 |
Intel PowerGadget 3.6 Local Privilege Escalation |
Julian Horoszkiewicz |
|
| 2024-03-30 |
Wazuh Dashboard - Information Discoluser |
parsa rezaie khiabanloo |
|
| 2024-03-30 |
SolarView Compact 6.00 - Command Injection Bypass authentication |
parsa rezaie khiabanloo |
|
| 2024-03-28 |
Siklu MultiHaul TG series < 2.0.0 unauthenticated credential disclosure |
semaja2 |
|
