FreshRSS

Before yesterday: Exploit-DB Updates

[webapps] Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS

[webapps] WordPress Plugin AN_Gradebook 5.0.1 - SQLi

[webapps] PaulPrinting CMS - (Search Delivery) Cross Site Scripting

[webapps] Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities

[webapps] Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

[webapps] Perch v3.2 - Remote Code Execution (RCE)

[webapps] Perch v3.2 - Stored XSS

[webapps] RWS WorldServer 11.7.3 - Session Token Enumeration

[webapps] Aures Booking & POS Terminal - Local Privilege Escalation

[webapps] pfSense v2.7.0 - OS Command Injection

[webapps] Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection

[remote] Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.

[local] RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)

[webapps] Boom CMS v8.0.7 - Cross Site Scripting

[webapps] Webile v1.0.1 - Multiple Cross Site Scripting

[webapps] PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

[webapps] Online Piggery Management System v1.0 - unauthenticated file upload vulnerability

[webapps] CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)

[webapps] CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI)

[webapps] Statamic 4.7.0 - File-Inclusion

[webapps] CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting (XSS)

[webapps] ABB FlowX v4.00 - Exposure of Sensitive Information

[webapps] Blackcat Cms v1.4 - Stored XSS

[webapps] Blackcat Cms v1.4 - Remote Code Execution (RCE)

[webapps] Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)

[webapps] Vaidya-Mitra 1.0 - Multiple SQLi

[remote] Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution

[webapps] TP-Link TL-WR740N - Authenticated Directory Transversal

[webapps] PimpMyLog v1.7.14 - Improper access control

[webapps] phpfm v1.7.9 - Authentication type juggling

[webapps] Joomla! com_booking component 2.4.9 - Information Leak (Account enumeration)

[local] Microsoft Edge 114.0.1823.67 (64-bit) - Information Disclosure

[webapps] News Portal v4.0 - SQL Injection (Unauthorized)

[webapps] Icinga Web 2.10 - Authenticated Remote Code Execution

[webapps] ProjeQtOr Project Management System v10.4.1 - Multiple XSS

[webapps] Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass

[webapps] Admidio v4.2.10 - Remote Code Execution (RCE)

[local] XAMPP 8.2.4 - Unquoted Path

[webapps] Pluck v4.7.18 - Remote Code Execution (RCE)

[webapps] Spring Cloud 3.2.2 - Remote Command Execution (RCE)

[webapps] Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)

[local] MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path "MTSchedulerService"

[local] MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path "MTAgentService"

[webapps] Frappe Framework (ERPNext) 13.4.0 - Remote Code Execution (Authenticated)

[webapps] BuildaGate5library v5 - Reflected Cross-Site Scripting (XSS)

[webapps] Ateme TITAN File 3.9 - SSRF File Enumeration

[local] AVG Anti Spyware 7.5 - Unquoted Service Path "AVG Anti-Spyware Guard"

[local] Game Jackal Server v5 - Unquoted Service Path "GJServiceV5"

[webapps] Faculty Evaluation System v1.0 - SQL Injection

[remote] Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit - Remote Code Execution

[remote] Windows 10 v21H1 - HTTP Protocol Stack Remote Code Execution

[webapps] Gila CMS 1.10.9 - Remote Code Execution (RCE) (Authenticated)

[webapps] Lost and Found Information System v1.0 - SQL Injection

[webapps] Piwigo v13.7.0 - Stored Cross-Site Scripting (XSS) (Authenticated)

[webapps] Beauty Salon Management System v1.0 - SQLi

[webapps] Car Rental Script 1.8 - Stored Cross-site scripting (XSS)

[webapps] spip v4.1.10 - Spoofing Admin account

[webapps] GZ Forum Script 1.8 - Stored Cross-Site Scripting (XSS)

[webapps] Time Slot Booking Calendar 1.8 - Stored Cross-Site Scripting (XSS)
