Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2018-10-01   Hotel Booking Engine 1.0 - 'h_room_type' SQL Injection 33 WEB Ihsan Sencan
2018-10-01   Fork CMS 5.4.0 - Cross-Site Scripting 37 WEB Ismail Tasdelen
2018-10-01   ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting 34 WEB Ismail Tasdelen
2018-10-01   H2 Database 1.4.196 - Remote Code Execution 32 WEB h4ckNinja
2018-09-27   Rausoft ID.prove 2.95 - 'Username' SQL injection 36 WEB Ilya Timchenko
2018-09-27   ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting 38 WEB Ismail Tasdelen
2018-09-27   iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection 35 WEB Sureshbabu Narvaneni
2018-09-25   Joomla! Component Responsive Portfolio 1.6.1 - 'filter_order_Dir' SQL Injection 38 WEB AkkuS
2018-09-25   RICOH MP C406Z Printer - Cross-Site Scripting 32 WEB Ismail Tasdelen
2018-09-25   RICOH MP 305+ Printer - Cross-Site Scripting 32 WEB Ismail Tasdelen
2018-09-25   Joomla! Component Timetable Schedule 3.6.8 - SQL Injection 34 WEB Ihsan Sencan
2018-09-25   Joomla! Component Article Factory Manager 4.3.9 - SQL Injection 37 WEB Ihsan Sencan
2018-09-25   Joomla! Component AlphaIndex Dictionaries 1.0 - SQL Injection 29 WEB Ihsan Sencan
2018-09-25   Joomla! Component Reverse Auction Factory 4.3.8 - SQL Injection 32 WEB Ihsan Sencan
2018-09-25   Joomla! Component Collection Factory 4.1.9 - SQL Injection 28 WEB Ihsan Sencan
2018-09-25   Joomla! Component Swap Factory 2.2.1 - SQL Injection 31 WEB Ihsan Sencan
2018-09-25   Joomla! Component eXtroForms 2.1.5 - 'filter_type_id' SQL Injection 35 WEB AkkuS
2018-09-25   RICOH MP C6503 Plus Printer - Cross-Site Scripting 28 WEB Ismail Tasdelen
2018-09-25   Joomla! Component Social Factory 3.8.3 - SQL Injection 29 WEB Ihsan Sencan
2018-09-25   Joomla! Component Jobs Factory 2.0.4 - SQL Injection 30 WEB Ihsan Sencan
2018-09-25   Joomla! Component Questions 1.4.3 - SQL Injection 29 WEB Ihsan Sencan
2018-09-25   Joomla! Component Penny Auction Factory 2.0.4 - SQL Injection 32 WEB Ihsan Sencan
2018-09-25   Joomla! Component Music Collection 3.0.3 - SQL Injection 32 WEB Ihsan Sencan
2018-09-25   Joomla! Component Raffle Factory 3.5.2 - SQL Injection 37 WEB Ihsan Sencan
2018-09-25   Super Cms Blog Pro 1.0 - SQL Injection 34 WEB Ihsan Sencan
2018-09-25   Joomla! Component Dutch Auction Factory 2.0.2 - 'filter_order_Dir' SQL Injection 35 WEB Ihsan Sencan
2018-09-25   RICOH MP C2003 Printer - Cross-Site Scripting 39 WEB Ismail Tasdelen
2018-09-24   RICOH MP C6003 Printer - Cross-Site Scripting 36 WEB Ismail Tasdelen
2018-09-24   Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection 38 WEB Ihsan Sencan
2018-09-24   RICOH Aficio MP 301 Printer - Cross-Site Scripting 36 WEB Ismail Tasdelen
2018-09-24   Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection 34 WEB Ihsan Sencan
2018-09-24   Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection 31 WEB Ihsan Sencan
2018-09-24   MyBB Visual Editor 1.8.18 - Cross-Site Scripting 36 WEB Numan OZDEMIR
2018-09-24   LG SuperSign EZ CMS 2.5 - Remote Code Execution 33 WEB Alejandro Fanjul
2018-09-24   Joomla! Component CW Article Attachments 1.0.6 - 'id' SQL Injection 40 WEB Haboob Team
2018-09-21   Collectric CMU 1.0 - 'lang' Hard-Coded Credentials / SQL injection 35 WEB Simon Brannstrom
2018-09-24   Navigate CMS 2.8 - Cross-Site Scripting 40 WEB Renzi
2018-09-19   LG SuperSign EZ CMS 2.5 - Local File Inclusion 40 WEB Alejandro Fanjul
2018-09-19   WordPress Plugin Localize My Post 1.0 - Local File Inclusion 41 WEB Manuel García Cárdenas
2018-09-19   WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion 36 WEB Manuel García Cárdenas
2018-09-19   Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting 31 WEB Fahimeh Rezaei
2018-09-18   WordPress Plugin Arigato Autoresponder and Newsletter 2.5 - Blind SQL Injection / Reflected Cross-Si 36 WEB Larry W. Cashdollar
2018-09-18   WordPress Plugin Arigato Autoresponder and Newsletter 2.5 - Blind SQL Injection / Reflected Cross-Si 34 WEB Larry W. Cashdollar
2018-09-17   Joomla! Component JCK Editor 6.4.4 - 'parent' SQL Injection 35 WEB Hamza Megahed
2018-09-17   Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting 37 WEB cakes
2018-09-14   WordPress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection 39 WEB Ceylan BOZOĞULLARINDAN
2018-09-14   Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution (Metasploit) 34 WEB Stephen Shkardoon
2018-09-14   Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution (Metasploit) 34 WEB Stephen Shkardoon
2018-09-13   Apache Syncope 2.0.7 - Remote Code Execution 38 WEB Che-Chun Kuo
2018-09-13   Apache Portals Pluto 3.0.0 - Remote Code Execution 35 WEB Che-Chun Kuo
2018-09-12   LG Smart IP Camera 1508190 - Backup File Download 31 WEB Ege Balci
2018-09-12   MyBB 1.8.17 - Cross-Site Scripting 34 WEB 0xB9
2018-09-12   IBM Identity Governance and Intelligence 5.2.3.2 / 5.2.4 - SQL Injection 33 WEB Mohamed Sayed
2018-09-12   SynaMan 4.0 build 1488 - SMTP Credential Disclosure 33 WEB bzyo
2018-09-12   SynaMan 4.0 build 1488 - (Authenticated) Cross-Site Scripting 36 WEB bzyo
2018-09-12   Rubedo CMS 3.4.0 - Directory Traversal 31 WEB Marouene Boubakri
2018-09-12   CirCarLife SCADA 4.3.0 - Credential Disclosure 29 WEB SadFud
2018-09-11   Bayanno Hospital Management System 4.0 - Cross-Site Scripting 33 WEB Gokhan Sagoglu
2018-09-04   RPi Cam Control < 6.4.25 - 'preview.php' Remote Command Execution 31 WEB Reigning Shells
2018-09-10   LW-N605R 12.20.2.1486 - Remote Code Execution 35 WEB Nassim Asrir
2018-09-07   QNAP Photo Station 5.7.0 - Cross-Site Scripting 35 WEB Mitsuaki Shiraishi
2018-09-07   Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal 37 WEB Carlos Avila
2018-09-07   MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection 30 WEB Carlos Avila
2018-09-06   D-Link Dir-600M N150 - Cross-Site Scripting 30 WEB PUNIT DARJI
2018-09-06   WirelessHART Fieldgate SWG70 3.0 - Directory Traversal 33 WEB Hamit CİBO
2018-09-06   Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure) 29 WEB Marko Jokic
2018-09-06   Jorani Leave Management 0.6.5 - (Authenticated) 'startdate' SQL Injection 37 WEB Javier Olmedo
2018-09-06   Jorani Leave Management 0.6.5 - Cross-Site Scripting 33 WEB Javier Olmedo
2018-09-06   NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection (File Disclosure) 38 WEB LiquidWorm
2018-09-05   Tenda ADSL Router D152 - Cross-Site Scripting 35 WEB Sandip Dey
2018-09-04   mooSocial Store Plugin 2.6 - SQL Injection 34 WEB Andrea Bocchetti
2018-09-04   Simple POS 4.0.24 - 'columns[0][search][value]' SQL Injection 34 WEB Renos Nikolaou
2018-09-04   PHP File Browser Script 1 - Directory Traversal 33 WEB AkkuS
2018-09-04   Logicspice FAQ Script 2.9.7 - Remote Code Execution 32 WEB AkkuS
2018-09-03   Online Quiz Maker 1.0 - 'catid' SQL Injection 27 WEB AkkuS
2018-09-03   Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions) 27 WEB Nawaf Alkeraithe
2018-09-03   FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection 39 WEB hyp3rlinx
2018-08-31   DamiCMS 6.0.0 - Cross-Site Request Forgery (Change Admin Password) 33 WEB Autism_JH
2018-08-31   Vox TG790 ADSL Router - Cross-Site Scripting 35 WEB cakes
2018-08-30   Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting 37 WEB Emre ÖVÜNÇ
2018-08-30   WordPress Plugin Quizlord 2.0 - Cross-Site Scripting 34 WEB Renos Nikolaou
2018-08-30   DLink DIR-601 - Credential Disclosure 32 WEB Kevin Randall
2018-08-30   WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting 34 WEB Renos Nikolaou
2018-08-30   Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal 36 WEB Emre ÖVÜNÇ
2018-08-29   Argus Surveillance DVR 4.0.0.0 - Directory Traversal 33 WEB hyp3rlinx
2018-08-29   Episerver 7 patch 4 - XML External Entity Injection 38 WEB Jonas Lejon
2018-08-29   phpMyAdmin 4.7.x - Cross-Site Request Forgery 34 WEB VulnSpy
2018-08-27   WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection 33 WEB Lydéric Lefebvre
2018-08-27   Responsive FileManager < 9.13.4 - Directory Traversal 32 WEB Simon Uvarov
2018-08-27   Seagate Personal Cloud SRN21C 4.3.16.0 / 4.3.18.0 - SQL Injection 36 WEB Yorick Koster
2018-08-27   LiteCart 2.1.2 - Arbitrary File Upload 35 WEB Haboob Team
2018-08-27   Sentrifugo HRMS 3.2 - 'deptid' SQL Injection 37 WEB Javier Olmedo
2018-08-27   RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin) 35 WEB Ismail Tasdelen
2018-08-27   Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin) 32 WEB GunEggWang
2018-08-26   ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting 32 WEB Ismail Tasdelen
2018-08-26   WordPress Plugin Gift Voucher 1.0.5 - (Authenticated) 'template_id' SQL Injection 30 WEB Renos Nikolaou
2018-08-25   ManageEngine ADManager Plus 6.5.7 - HTML Injection 29 WEB Ismail Tasdelen
2018-08-25   UltimatePOS 2.5 - Remote Code Execution 36 WEB Renos Nikolaou
2018-08-24   Vox TG790 ADSL Router - Cross-Site Request Forgery (Add Admin) 34 WEB cakes
2018-08-23   PCViewer vt1000 - Directory Traversal 33 WEB Berk Dusunur
2018-08-23   Twitter-Clone 1 - 'code' SQL Injection 39 WEB L0RD
2018-08-22   Geutebrueck re_porter 16 - Cross-Site Scripting 39 WEB Kamil Suska
2018-08-22   Geutebrueck re_porter 7.8.974.20 - Credential Disclosure 37 WEB Kamil Suska
2018-08-22   KingMedia 4.1 - File Upload 35 WEB Efrén Díaz
2018-08-22   ZyXEL VMG3312-B10B - Cross-Site Scripting 37 WEB Samet ŞAHİN
2018-08-21   WordPress Plugin Ninja Forms 3.3.13 - CSV Injection 33 WEB Mostafa Gharzi
2018-08-21   Twitter-Clone 1 - Cross-Site Request Forgery (Delete Post) 28 WEB L0RD
2018-08-21   Hikvision IP Camera 5.4.0 - User Enumeration (Metasploit) 33 WEB Alfie
2018-08-21   Twitter-Clone 1 - 'userid' SQL Injection 27 WEB L0RD
2018-08-20   Countly - Cross-Site Scripting 31 WEB Sleepy
2018-08-20   WordPress Plugin Tagregator 0.6 - Cross-Site Scripting 31 WEB ManhNho
2018-08-20   MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Request Forgery 32 WEB 0xB9
2018-08-20   WordPress Plugin Chained Quiz 1.0.8 - 'answer' SQL Injection 31 WEB Çlirim Emini
2018-08-17   ADM 3.1.2RHG1 - Remote Code Execution 34 WEB Matthew Fulton
2018-08-17   Mikrotik WinBox 6.42 - Credential Disclosure (golang) 31 WEB Maxim Yefimenko
2018-08-16   Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery 41 WEB SEC Consult
2018-08-16   Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery 33 WEB SEC Consult
2018-08-16   Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery 39 WEB SEC Consult
2018-08-16   WordPress Plugin Export Users to CSV 1.1.1 - CSV Injection 38 WEB Javier Olmedo
2018-08-16   OpenEMR 5.0.1.3 - (Authenticated) Arbitrary File Actions 35 WEB Joshua Fam
2018-08-15   ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass 34 WEB AmnBAN
2018-08-15   ASUSTOR ADM 3.1.0.RFQ3 - Remote Command Execution / SQL Injection 34 WEB Kyle Lovett
2018-08-14   Oracle Glassfish OSE 4.1 - Path Traversal (Metasploit) 31 WEB Dhiraj Mishra
2018-08-14   Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal (Metasploit) 33 WEB Metasploit
2018-08-14   Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal (Metasploit) 28 WEB Metasploit