Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2020-01-16   Rukovoditel Project Management CRM 2.5.2 - 'reports_id' SQL Injection 35 WEB Fatih Çelik
2020-01-16   WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting 35 WEB V1n1v131r4
2020-01-15   Huawei HG255 - Directory Traversal (Metasploit) 34 WEB Ismail Tasdelen
2020-01-15   Online Book Store 1.0 - 'bookisbn' SQL Injection 37 WEB Ertebat Gostar Co
2020-01-14   IBM RICOH 6400 Printer - HTML Injection 34 WEB Ismail Tasdelen
2020-01-14   IBM RICOH InfoPrint 6500 Printer - HTML Injection 35 WEB Ismail Tasdelen
2020-01-13   Digi AnywhereUSB 14 - Reflective Cross-Site Scripting 39 WEB Raspina Net Pars Group
2020-01-13   Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution (Metasploit) 35 WEB mekhalleh
2020-01-13   Chevereto 3.13.4 Core - Remote Code Execution 30 WEB Jinny Ramsmark
2020-01-11   Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution 34 WEB TrustedSec
2020-01-11   Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution (PoC) 33 WEB Project Zero India
2020-01-10   ASTPP 4.0.1 VoIP Billing - Database Backup Download 31 WEB Fabien AUNAY
2020-01-10   PixelStor 5000 K:4.0.1580-20150629 - Remote Code Execution 34 WEB .:UND3R:.
2020-01-10   Pandora 7.0NG - Remote Code Execution 28 WEB Askar
2020-01-09   Oracle Weblogic 10.3.6.0.0 - Remote Command Execution 30 WEB james
2019-12-31   Sony Playstation 4 (PS4) < 6.72 - WebKit Code Execution (PoC) 38 WEB TJ Corley
2020-01-08   Tomcat proprietaryEvaluate 9.0.0.M1 - Sandbox Escape 37 WEB hantwister
2020-01-08   Online Book Store 1.0 - Unauthenticated Remote Code Execution 41 WEB Tib3rius
2020-01-08   Codoforum 4.8.3 - 'input_txt' Persistent Cross-Site Scripting 37 WEB Vyshnav nk
2020-01-07   Complaint Management System 4.0 - Remote Code Execution 34 WEB Metin Yunus Kandemir
2020-01-07   piSignage 2.6.4 - Directory Traversal 34 WEB JunYeong Ko
2020-01-07   Job Portal 1.0 - Remote Code Execution 34 WEB Tib3rius
2019-12-24   Django < 3.0 < 2.2 < 1.11 - Account Hijack 36 WEB Ryuji Tsutsui
2020-01-06   Codoforum 4.8.3 - Persistent Cross-Site Scripting 38 WEB Prasanth
2020-01-06   Voyager 1.3.0 - Directory Traversal 38 WEB NgoAnhDuc
2020-01-06   Small CRM 2.0 - Authentication Bypass 34 WEB FULLSHADE
2020-01-06   elaniin CMS 1.0 - Authentication Bypass 34 WEB riamloo
2020-01-06   Hostel Management System 2.0 - 'id' SQL Injection 34 WEB FULLSHADE
2020-01-06   Subrion CMS 4.0.5 - Cross-Site Request Forgery (Add Admin) 32 WEB Ismail Tasdelen
2020-01-06   IBM RICOH Infoprint 1532 Printer - Persistent Cross-Site Scripting 36 WEB Ismail Tasdelen
2020-01-06   Complaint Management System 4.0 - 'cid' SQL injection 38 WEB FULLSHADE
2020-01-06   Dairy Farm Shop Management System 1.0 - 'username' SQL Injection 38 WEB Chris Inzinga
2020-01-03   Karakuzu ERP Management Web 5.7.0 - 'k_adi_duz' SQL Injection 36 WEB Hakan TAŞKÖPRÜ
2020-01-03   Online Course Registration 2.0 - Remote Code Execution 35 WEB Metin Yunus Kandemir
2020-01-02   BloodX 1.0 - Authentication Bypass 36 WEB riamloo
2020-01-02   Hospital Management System 4.0 - Persistent Cross-Site Scripting 38 WEB FULLSHADE
2020-01-02   Hospital Management System 4.0 - 'searchdata' SQL Injection 35 WEB FULLSHADE
2020-01-01   Hospital Management System 4.0 - Authentication Bypass 31 WEB Metin Yunus Kandemir
2020-01-01   IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal 33 WEB Raif Berkay Dincel
2020-01-01   Shopping Portal ProVersion 3.0 - Authentication Bypass 31 WEB Metin Yunus Kandemir
2019-12-31   WordPress Plugin Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass 36 WEB Raphael Karger
2019-12-30   Heatmiser Netmonitor 3.03 - HTML Injection 36 WEB Ismail Tasdelen
2019-12-30   RICOH Web Image Monitor 1.09 - HTML Injection 32 WEB Ismail Tasdelen
2019-12-30   RICOH SP 4510SF Printer - HTML Injection 29 WEB Ismail Tasdelen
2019-12-30   MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure 31 WEB LiquidWorm
2019-12-30   Heatmiser Netmonitor 3.03 - Hardcoded Credentials 32 WEB Ismail Tasdelen
2019-12-30   AVE DOMINAplus 1.10.x - Authentication Bypass 32 WEB LiquidWorm
2019-12-30   AVE DOMINAplus 1.10.x - Cross-Site Request Forgery (enable/disable alarm) 32 WEB LiquidWorm
2019-12-30   AVE DOMINAplus 1.10.x - Unauthenticated Remote Reboot 27 WEB LiquidWorm
2019-12-30   AVE DOMINAplus 1.10.x - Credential Disclosure 31 WEB LiquidWorm
2019-12-30   WEMS BEMS 21.3.1 - Undocumented Backdoor Account 33 WEB LiquidWorm
2019-12-30   XEROX WorkCentre 7830 Printer - Cross-Site Request Forgery (Add Admin) 34 WEB Ismail Tasdelen
2019-12-30   XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery (Add Admin) 31 WEB Ismail Tasdelen
2019-12-30   Thrive Smart Home 1.1 - Authentication Bypass 32 WEB LiquidWorm
2019-12-30   XEROX WorkCentre 6655 Printer - Cross-Site Request Forgery (Add Admin) 35 WEB Ismail Tasdelen
2019-12-30   elearning-script 1.0 - Authentication Bypass 31 WEB riamloo
2019-12-30   HomeAutomation 3.3.2 - Remote Code Execution 34 WEB LiquidWorm
2019-12-30   HomeAutomation 3.3.2 - Cross-Site Request Forgery (Add Admin) 32 WEB LiquidWorm
2019-12-30   HomeAutomation 3.3.2 - Authentication Bypass 31 WEB LiquidWorm
2019-12-30   HomeAutomation 3.3.2 - Persistent Cross-Site Scripting 33 WEB LiquidWorm
2019-12-20   phpMyChat-Plus 1.98 - 'pmc_username' Reflected Cross-Site Scripting 32 WEB Chris Inzinga
2019-12-19   Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation 33 WEB Vulnerability-Lab
2019-12-18   Telerik UI - Remote Code Execution via Insecure Deserialization 34 WEB Bishop Fox
2019-12-18   Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting 32 WEB Harshit Shukla
2019-12-18   Xerox AltaLink C8035 Printer - Cross-Site Request Forgery (Add Admin) 34 WEB Ismail Tasdelen
2019-12-18   Tautulli 2.1.9 - Cross-Site Request Forgery (ShutDown) 41 WEB Ismail Tasdelen
2019-12-17   NopCommerce 4.2.0 - Privilege Escalation 37 WEB Alessandro Magnosi
2019-12-17   Netgear R6400 - Remote Code Execution 37 WEB Kevin Randall
2019-12-17   Zendesk App SweetHawk Survey 1.6 - Persistent Cross-Site Scripting 31 WEB MTK
2019-12-16   D-Link DIR-615 - Privilege Escalation 37 WEB Sanyam Chawla
2019-12-16   Roxy Fileman 1.4.5 - Directory Traversal 35 WEB Patrik Lantz
2019-12-16   D-Link DIR-615 Wireless Router  -  Persistent Cross-Site Scripting 32 WEB Sanyam Chawla
2019-12-13   NVMS 1000 - Directory Traversal 33 WEB numan türle
2019-12-12   Bullwark Momentum Series JAWS 1.0 - Directory Traversal 34 WEB numan türle
2019-12-12   OpenNetAdmin 18.1.1 - Command Injection Exploit (Metasploit) 35 WEB Onur ER
2019-12-11   Apache Olingo OData 4.0 - XML External Entity Injection 28 WEB Compass Security
2019-12-10   Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution 36 WEB LiquidWorm
2019-12-10   Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery 30 WEB LiquidWorm
2019-12-09   Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting 29 WEB omurugur
2019-12-09   Alcatel-Lucent Omnivista 8770 - Remote Code Execution 33 WEB 0x1911
2019-12-09   Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution 26 WEB Hodorsec
2019-12-09   PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass 27 WEB Ahmet Ümit BAYRAM
2019-12-09   Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting 36 WEB Metin Yunus Kandemir
2019-12-06   Verot 2.0.3 - Remote Code Execution 35 WEB Jinny Ramsmark
2019-12-05   Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution 29 WEB Peter Lapp
2019-12-04   OwnCloud 8.1.8 - Username Disclosure 29 WEB Daniel Moreno
2019-12-04   Online Clinic Management System 2.2 - HTML Injection 30 WEB Cemal Cihad ÇİFTÇİ
2019-12-03   Revive Adserver 4.2 - Remote Code Execution 33 WEB crlf
2019-12-03   Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery 31 WEB Prof. Joas Antonio
2019-12-03   Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting 32 WEB Cemal Cihad ÇİFTÇİ
2019-12-02   Dokuwiki 2018-04-22b - Username Enumeration 29 WEB Talha ŞEN
2019-12-02   SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery 27 WEB LiquidWorm
2019-11-29   Online Inventory Manager 3.2 - Persistent Cross-Site Scripting 33 WEB Cemal Cihad ÇİFTÇİ
2019-11-28   Mersive Solstice 2.8.0 - Remote Code Execution 32 WEB Alexandre Teyar
2019-11-28   WordPress Core 5.3 - User Disclosure 36 WEB SajjadBnd
2019-11-21   Network Management Card 6.2.0 - Host Header Injection 29 WEB Amal E Thamban
2019-11-21   TestLink 1.9.19 - Persistent Cross-Site Scripting 31 WEB Milad Khoshdel
2019-11-20   OpenNetAdmin 18.1.1 - Remote Code Execution 33 WEB mattpascoe
2019-10-14   WordPress Core < 5.2.3 - Viewing Unauthenticated/Password/Private Posts 31 WEB Sebastian Neef
2019-10-14   Apache Httpd mod_rewrite - Open Redirects 30 WEB Sebastian Neef
2019-10-14   Apache Httpd mod_proxy - Error Page Cross-Site Scripting 34 WEB Sebastian Neef
2019-11-18   TemaTres 3.0 - 'value' Persistent Cross-site Scripting 33 WEB Pablo Santiago
2019-11-18   TemaTres 3.0 - Cross-Site Request Forgery (Add Admin) 35 WEB Pablo Santiago
2019-11-18   Centova Cast 3.2.11 - Arbitrary File Download 31 WEB DroidU
2019-11-18   Crystal Live HTTP Server 6.01 - Directory Traversal 35 WEB numan türle
2019-11-18   Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal 35 WEB Kevin Randall
2019-11-14   Xfilesharing 2.5.1 - Arbitrary File Upload 36 WEB Noman Riffat
2019-11-13   Fastweb Fastgate 0.00.81 - Remote Code Execution 41 WEB Riccardo Gasparini
2019-11-13   gSOAP 2.8 - Directory Traversal 35 WEB numan türle
2019-11-13   Technicolor TC7300.B0 - 'hostname' Persistent Cross-Site Scripting 32 WEB Luis Santana
2019-11-13   Technicolor TD5130.2 - Remote Command Execution 27 WEB João Teles
2019-11-13   FUDForum 3.0.9 - Remote Code Execution 28 WEB liquidsky
2019-11-13   Linear eMerge E3 1.00-06 - Remote Code Execution 33 WEB LiquidWorm
2019-11-12   FlexAir Access Control 2.3.35 - Authentication Bypass 29 WEB LiquidWorm
2019-11-12   Adrenalin Core HCM 5.4.0 - 'ReportID' Reflected Cross-Site Scripting 26 WEB Cy83rl0gger
2019-11-12   Optergy 2.3.0a - Remote Code Execution (Backdoor) 33 WEB LiquidWorm
2019-11-12   Optergy 2.3.0a - Username Disclosure 30 WEB LiquidWorm
2019-11-12   Optergy 2.3.0a - Cross-Site Request Forgery (Add Admin) 30 WEB LiquidWorm
2019-11-12   FlexAir Access Control 2.4.9api3 - Remote Code Execution 32 WEB LiquidWorm
2019-11-12   Optergy 2.3.0a - Remote Code Execution 34 WEB LiquidWorm
2019-11-12   Atlassian Confluence 6.15.1 - Directory Traversal (Metasploit) 30 WEB max7253
2019-11-12   Prima Access Control 2.3.35 - Arbitrary File Upload 28 WEB LiquidWorm
2019-11-12   Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting 33 WEB LiquidWorm
2019-11-12   CBAS-Web 19.0.0 - 'id' Boolean-based Blind SQL Injection 27 WEB LiquidWorm
2019-11-12   CBAS-Web 19.0.0 - Username Enumeration 28 WEB LiquidWorm