Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2018-01-30   Advantech WebAccess < 8.3 - SQL Injection 55 WEB Chris Lyne
2018-01-29   Asus Router Cross Site Script / Authentication Bypass 59 WEB 4TT4CK3R
2018-01-29   ASUS DSL-N14U B1 Router 1.1.2.3_345 - Change Administrator Password 56 WEB Víctor Calvo
2018-01-24   Kaltura Remote PHP Code Execution 58 WEB Robin Verton
2018-01-24   GoAhead Web Server LD_PRELOAD Arbitrary Module Load 48 WEB h00die
2018-01-24   Photography CMS 1.0 - Cross-Site Request Forgery (Add Admin) 58 WEB Ihsan Sencan
2018-01-22   Simple ASC CMS 1.2 Database Disclosure 55 WEB indoushka
2018-01-22   PHPFreeChat 1.7 - Denial of Service 50 WEB A. Pakbaz
2018-01-19   Primefaces 5.x - Remote Code Execution (Metasploit) 50 WEB Bjoern Schuette
2018-01-16   Adminer 4.3.1 - Server-Side Request Forgery 53 WEB hyp3rlinx
2018-01-16   pfSense < 2.1.4 - 'status_rrd_graph_img.php' Command Injection 35 WEB absolomb
2018-01-12   D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution 56 WEB Cr0n1c
2018-01-12   SAP NetWeaver J2EE Engine 7.40 - SQL Injection 37 WEB Vahagn Vardanyan
2018-01-11   Samsung SRN-1670D Web Viewer 1.0.0.193 Arbitrary File Read / Upload 51 WEB Algeria
2018-01-11   phpCollab 2.5.1 Unauthenticated File Upload 46 WEB Nick Marcoccio
2018-01-10   Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit) 35 WEB James Bercegay
2018-01-09   FiberHome LM53Q1 - Multiple Vulnerabilities 38 WEB Ibad Shah
2018-01-05   D-Link DNS-320L 'mydlinkBRionyg' Backdoor 45 WEB James Bercegay
2018-01-05   Western Digital WDMyCloud 'mydlinkBRionyg' Backdoor 37 WEB James Bercegay
2018-01-04   Linksys WVBR0-25 User-Agent Command Execution 26 WEB HeadlessZeke
2018-01-02   Huawei Router HG532 - Arbitrary Command Execution 43 WEB anonymous
2017-12-28   DotNetNuke DreamSlider 01.01.02 - Arbitrary File Download 37 WEB Glafkos Charalambous
2017-12-27   Sendroid < 6.5.0 - SQL Injection 33 WEB Onwuka Gideon
2017-12-21   Ability Mail Server 3.3.2 - Cross-Site Scripting 26 WEB Aloyce J. Makalanga
2017-12-19   Linksys WVBR0 - 'User-Agent' Remote Command Injection 34 WEB nixawk