FreshRSS

Before yesterday: Exploit-DB Updates

[webapps] SPA-CART CMS - Stored XSS


[webapps] Craft CMS 4.4.14 - Unauthenticated Remote Code Execution


[webapps] MobileShop master v1.0 - SQL Injection Vuln.


[webapps] Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS


[remote] LBT-T300-mini1 - Remote Buffer Overflow


[webapps] Tourism Management System v2.0 - Arbitrary File Upload


[webapps] LimeSurvey Community 5.3.32 - Stored XSS


[remote] minaliC 2.0.0 - Denied of Service


[webapps] Blood Bank 1.0 - 'bid' SQLi


[webapps] Simple Task List 1.0 - 'status' SQLi


[webapps] Employee Management System 1.0 - 'admin_id' SQLi


[webapps] Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi


[remote] HNAS SMU 14.8.7825 - Information Disclosure


[webapps] CSZCMS v1.3.0 - SQL Injection (Authenticated)


[webapps] Backdrop CMS 1.23.0 - Stored XSS


[remote] TELSAT marKoni FM Transmitter 1.9.5 - Root Command Injection


[remote] TELSAT marKoni FM Transmitter 1.9.5 - Backdoor Account Information Disclosure


[remote] TELSAT marKoni FM Transmitter 1.9.5 - Insecure Access Control Change Password


[webapps] xbtitFM 4.1.18 - Multiple Vulnerabilities


[webapps] Quick.CMS 6.7 - SQL Injection Login Bypass


[webapps] WEBIGniter v28.7.23 - Stored XSS


[webapps] TYPO3 11.5.24 - Path Traversal (Authenticated)


[local] LaborOfficeFree 19.10 - MySQL Root Password Calculator


[webapps] Karaf v4.4.3 Console - RCE


[webapps] Winter CMS 1.2.3 - Server-Side Template Injection (SSTI) (Authenticated)


[webapps] Nokia BMC Log Scanner - Remote Code Execution


[webapps] UPS Network Management Card 4 - Path Traversal


[local] vm2 - sandbox escape


[remote] Ruijie Switch PSG-5124 26293 - Remote Code Execution (RCE)


[local] KiTTY 0.76.1.13 - 'Start Duplicated Session Hostname' Buffer Overflow


[local] KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow


[local] KiTTY 0.76.1.13 - Command Injection


[remote] SolarView Compact 6.00 - Command Injection


[remote] JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE)


[remote] Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)


[webapps] OSGi v3.8-3.18 Console - RCE


[webapps] OSGi v3.7.2 (and below) Console - RCE


[webapps] Client Details System 1.0 - SQL Injection


[remote] VMware Cloud Director 10.5 - Bypass identity verification


[webapps] SnipeIT 6.2.1 - Stored Cross Site Scripting


[webapps] Human Resource Management System 1.0 - 'employeeid' SQL Injection


[webapps] Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier - Arbitrary File Read


[webapps] Sitecore - Remote Code Execution v8.2


[local] Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass


[webapps] TP-Link TL-WR740N - Buffer Overflow 'DOS'


[webapps] DataCube3 v1.0 - Unrestricted file upload 'RCE'


[webapps] Ladder v0.0.21 - Server-side request forgery (SSRF)

โŒ