Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2018-04-16   Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution 54 WEB Hans Topo
2018-04-16   Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC) 56 WEB Vitalii Rudnykh
2018-04-10   CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution 29 WEB RedTeam Pentesting
2018-04-04   ProcessMaker Plugin Code Execution 40 WEB Brendan Coles
2018-04-04   DuckDuckGo 4.2.0 WebRTC Private IP Leakage 38 WEB Brendan Coles
2018-04-02   Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit) 46 WEB Touhid M.Shaikh
2018-04-02   osCommerce 2.3.4.1 - Remote Code Execution 41 WEB Simon Scannell
2018-04-02   Homematic CCU2 2.29.23 - Remote Command Execution 42 WEB Gregor Kopf
2018-04-02   Homematic CCU2 2.29.23 - Arbitrary File Write 57 WEB Gregor Kopf
2018-03-30   Joomla Component Fields - SQLi Remote Code Execution (Metasploit) 54 WEB luisco100
2018-03-30   Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Admin Session) 43 WEB Stefan Horst
2018-03-30   Square 9 GlobalForms 6.2.x Blind SQL Injection 34 WEB Darrell Damstedt
2018-03-29   TwonkyMedia Server 7.0.11-8.5 - Directory Traversal 31 WEB Sven Fassbender
2018-03-27   ClipBucket beats_uploader Unauthenticated Arbitrary File Upload 39 WEB Touhid M.Shaikh
2018-03-26   XenForo 2 - CSS Loader Denial of Service 28 WEB LockedByte
2018-03-26   TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery 33 WEB Mans van Someren
2018-03-26   Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control Bypass 59 WEB Matamorphosis
2018-03-22   Cisco node-jos < 0.11.0 - Re-sign Tokens 41 WEB zioBlack
2018-03-21   Intelbras Telefone IP TIP200 LITE - Local File Disclosure 39 WEB anhax0r
2018-03-16   Spring Data REST < 2.6.9 (Ingalls SR9), 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution 55 WEB Antonio Francesco Sardella
2018-03-13   Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution 69 WEB Chris Lyne
2018-03-13   ManageEngine Applications Manager 13.5 - Remote Code Execution (Metasploit) 45 WEB Mehmet Ince
2018-03-07   Bravo Tejari Web Portal Cross Site Scripting 56 WEB Arvind V.
2018-02-28   Concrete5 < 8.3.0 - Username / Comments Enumeration 67 WEB Chapman Schleiss
2018-02-26   AsusWRT LAN Unauthenticated Remote Code Execution 65 WEB Pedro Ribeiro