|
2018-04-16
|
|
MikroTik 6.41.4 - FTP daemon Denial of Service PoC
|
26 |
WEB
|
FarazPajohan
|
|
2018-04-16
|
|
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
|
52 |
WEB
|
Hans Topo
|
|
2018-04-16
|
|
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)
|
52 |
WEB
|
Vitalii Rudnykh
|
|
2018-04-10
|
|
CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution
|
27 |
WEB
|
RedTeam Pentesting
|
|
2018-04-04
|
|
ProcessMaker Plugin Code Execution
|
38 |
WEB
|
Brendan Coles
|
|
2018-04-04
|
|
DuckDuckGo 4.2.0 WebRTC Private IP Leakage
|
37 |
WEB
|
Brendan Coles
|
|
2018-04-02
|
|
Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)
|
45 |
WEB
|
Touhid M.Shaikh
|
|
2018-04-02
|
|
osCommerce 2.3.4.1 - Remote Code Execution
|
40 |
WEB
|
Simon Scannell
|
|
2018-04-02
|
|
Homematic CCU2 2.29.23 - Remote Command Execution
|
37 |
WEB
|
Gregor Kopf
|
|
2018-04-02
|
|
Homematic CCU2 2.29.23 - Arbitrary File Write
|
56 |
WEB
|
Gregor Kopf
|
|
2018-03-30
|
|
Joomla Component Fields - SQLi Remote Code Execution (Metasploit)
|
52 |
WEB
|
luisco100
|
|
2018-03-30
|
|
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Admin Session)
|
41 |
WEB
|
Stefan Horst
|
|
2018-03-30
|
|
Square 9 GlobalForms 6.2.x Blind SQL Injection
|
34 |
WEB
|
Darrell Damstedt
|
|
2018-03-29
|
|
TwonkyMedia Server 7.0.11-8.5 - Directory Traversal
|
31 |
WEB
|
Sven Fassbender
|
|
2018-03-27
|
|
ClipBucket beats_uploader Unauthenticated Arbitrary File Upload
|
39 |
WEB
|
Touhid M.Shaikh
|
|
2018-03-26
|
|
XenForo 2 - CSS Loader Denial of Service
|
28 |
WEB
|
LockedByte
|
|
2018-03-26
|
|
TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery
|
32 |
WEB
|
Mans van Someren
|
|
2018-03-26
|
|
Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control Bypass
|
57 |
WEB
|
Matamorphosis
|
|
2018-03-22
|
|
Cisco node-jos < 0.11.0 - Re-sign Tokens
|
38 |
WEB
|
zioBlack
|
|
2018-03-21
|
|
Intelbras Telefone IP TIP200 LITE - Local File Disclosure
|
37 |
WEB
|
anhax0r
|
|
2018-03-16
|
|
Spring Data REST < 2.6.9 (Ingalls SR9), 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution
|
50 |
WEB
|
Antonio Francesco Sardella
|
|
2018-03-13
|
|
Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution
|
69 |
WEB
|
Chris Lyne
|
|
2018-03-13
|
|
ManageEngine Applications Manager 13.5 - Remote Code Execution (Metasploit)
|
45 |
WEB
|
Mehmet Ince
|
|
2018-03-07
|
|
Bravo Tejari Web Portal Cross Site Scripting
|
55 |
WEB
|
Arvind V.
|
|
2018-02-28
|
|
Concrete5 < 8.3.0 - Username / Comments Enumeration
|
67 |
WEB
|
Chapman Schleiss
|
