FreshRSS

Before yesterday

Exploit-DB Updates

[webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)

SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)

[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)

dizqueTV 1.5.3 - Remote Code Execution (RCE)

[webapps] openSIS 9.1 - SQLi (Authenticated)

openSIS 9.1 - SQLi (Authenticated)

[webapps] reNgine 2.2.0 - Command Injection (Authenticated)

reNgine 2.2.0 - Command Injection (Authenticated)

[dos] Windows TCP/IP - RCE Checker and Denial of Service

Windows TCP/IP - RCE Checker and Denial of Service

[webapps] Gitea 1.22.0 - Stored XSS

Gitea 1.22.0 - Stored XSS

[webapps] Invesalius3 - Remote Code Execution

Invesalius3 - Remote Code Execution

[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass

[webapps] HughesNet HT2000W Satellite Modem - Password Reset

HughesNet HT2000W Satellite Modem - Password Reset

[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config

[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass

Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass

[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure

Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure

[webapps] Aurba 501 - Authenticated RCE

Aurba 501 - Authenticated RCE

[webapps] Calibre-web 0.6.21 - Stored XSS

Calibre-web 0.6.21 - Stored XSS

[webapps] Helpdeskz v2.0.2 - Stored XSS

Helpdeskz v2.0.2 - Stored XSS

[webapps] Ivanti vADC 9.9 - Authentication Bypass

Ivanti vADC 9.9 - Authentication Bypass

[local] Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path

Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path

[local] Oracle Database 12c Release 1 - Unquoted Service Path

Oracle Database 12c Release 1 - Unquoted Service Path

[local] SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path

SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path

[webapps] Devika v1 - Path Traversal via 'snapshot_path'

Devika v1 - Path Traversal via 'snapshot_path'

[local] Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation

Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation

[webapps] Customer Support System 1.0 - Stored XSS

Customer Support System 1.0 - Stored XSS

[webapps] Azon Dominator Affiliate Marketing Script - SQL Injection

Azon Dominator Affiliate Marketing Script - SQL Injection

[webapps] Microweber 2.0.15 - Stored XSS

Microweber 2.0.15 - Stored XSS

[webapps] Xhibiter NFT Marketplace 1.10.2 - SQL Injection

Xhibiter NFT Marketplace 1.10.2 - SQL Injection

[webapps] Poultry Farm Management System v1.0 - Remote Code Execution (RCE)

Poultry Farm Management System v1.0 - Remote Code Execution (RCE)

[webapps] Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)

Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)

[webapps] SolarWinds Platform 2024.1 SR1 - Race Condition

SolarWinds Platform 2024.1 SR1 - Race Condition

[webapps] Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)

Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)

[webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)

WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)

[remote] Zyxel IKE Packet Decoder - Unauthenticated Remote Code Execution (Metasploit)

Zyxel IKE Packet Decoder - Unauthenticated Remote Code Execution (Metasploit)

[webapps] ZwiiCMS 12.2.04 - Remote Code Execution (Authenticated)

ZwiiCMS 12.2.04 - Remote Code Execution (Authenticated)

[webapps] Boelter Blue System Management 1.3 - SQL Injection

Boelter Blue System Management 1.3 - SQL Injection

[webapps] Rebar3 3.13.2 - Command Injection

Rebar3 3.13.2 - Command Injection

[webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)

AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)

[webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.

AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.

[webapps] Carbon Forum 5.9.0 - Stored XSS

Carbon Forum 5.9.0 - Stored XSS

[webapps] XMB 1.9.12.06 - Stored XSS

XMB 1.9.12.06 - Stored XSS

[webapps] AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)

AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)

[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)

Serendipity 2.5.0 - Remote Code Execution (RCE)

[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)

CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)

[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)

Sitefinity 15.0 - Cross-Site Scripting (XSS)

[webapps] Dotclear 2.29 - Remote Code Execution (RCE)

Dotclear 2.29 - Remote Code Execution (RCE)

[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)

Monstra CMS 3.0.4 - Remote Code Execution (RCE)

[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)

WBCE CMS v1.6.2 - Remote Code Execution (RCE)

[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)

appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)

[webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)

FreePBX 16 - Remote Code Execution (RCE) (Authenticated)

[webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)

Akaunting 3.1.8 - Server-Side Template Injection (SSTI)

[remote] Wipro Holmes Orchestrator 20.4.1 - Log File Disclosure

Wipro Holmes Orchestrator 20.4.1 - Log File Disclosure

[remote] ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE) & SSH Access

ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE) & SSH Access

[webapps] Craft CMS Logs Plugin 3.0.3 - Path Traversal (Authenticated)

Craft CMS Logs Plugin 3.0.3 - Path Traversal (Authenticated)

[webapps] Aquatronica Control System 5.1.6 - Information Disclosure

Aquatronica Control System 5.1.6 - Information Disclosure

[webapps] BWL Advanced FAQ Manager 2.0.3 - Authenticated SQL Injection

BWL Advanced FAQ Manager 2.0.3 - Authenticated SQL Injection

[webapps] ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)

ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)

[webapps] Check Point Security Gateway - Information Disclosure (Unauthenticated)

Check Point Security Gateway - Information Disclosure (Unauthenticated)

[webapps] Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)

Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)
โŒ