[webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)

— June 14^th 2024 at 00:00

WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)

Exploit-DB Updates

[remote] Zyxel IKE Packet Decoder - Unauthenticated Remote Code Execution (Metasploit)

— June 14^th 2024 at 00:00

Zyxel IKE Packet Decoder - Unauthenticated Remote Code Execution (Metasploit)

Exploit-DB Updates

[webapps] ZwiiCMS 12.2.04 - Remote Code Execution (Authenticated)

— June 14^th 2024 at 00:00

ZwiiCMS 12.2.04 - Remote Code Execution (Authenticated)

Exploit-DB Updates

[webapps] Boelter Blue System Management 1.3 - SQL Injection

— June 14^th 2024 at 00:00

Boelter Blue System Management 1.3 - SQL Injection

Exploit-DB Updates

[webapps] Rebar3 3.13.2 - Command Injection

— June 14^th 2024 at 00:00

Rebar3 3.13.2 - Command Injection

Exploit-DB Updates

[webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)

— June 14^th 2024 at 00:00

AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)

Exploit-DB Updates

[webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.

— June 14^th 2024 at 00:00

AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.

Exploit-DB Updates

[webapps] Carbon Forum 5.9.0 - Stored XSS

— June 14^th 2024 at 00:00

Carbon Forum 5.9.0 - Stored XSS

Exploit-DB Updates

[webapps] XMB 1.9.12.06 - Stored XSS

— June 14^th 2024 at 00:00

XMB 1.9.12.06 - Stored XSS

Exploit-DB Updates

[webapps] AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)

— June 14^th 2024 at 00:00

AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)

— June 14^th 2024 at 00:00

PHP

Exploit-DB Updates

[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)

— June 3^rd 2024 at 00:00

Serendipity 2.5.0 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)

— June 3^rd 2024 at 00:00

CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)

Exploit-DB Updates

[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)

— June 3^rd 2024 at 00:00

Sitefinity 15.0 - Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Dotclear 2.29 - Remote Code Execution (RCE)

— June 3^rd 2024 at 00:00

Dotclear 2.29 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)

— June 3^rd 2024 at 00:00

Monstra CMS 3.0.4 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)

— June 3^rd 2024 at 00:00

WBCE CMS v1.6.2 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)

— June 3^rd 2024 at 00:00

appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)

Exploit-DB Updates

[webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)

— June 1^st 2024 at 00:00

FreePBX 16 - Remote Code Execution (RCE) (Authenticated)

Exploit-DB Updates

[webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)

— June 1^st 2024 at 00:00

Akaunting 3.1.8 - Server-Side Template Injection (SSTI)

Exploit-DB Updates

[remote] Wipro Holmes Orchestrator 20.4.1 - Log File Disclosure

— June 1^st 2024 at 00:00

Wipro Holmes Orchestrator 20.4.1 - Log File Disclosure

Exploit-DB Updates

[remote] ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE) & SSH Access

— June 1^st 2024 at 00:00

ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE) & SSH Access

Exploit-DB Updates

[webapps] Craft CMS Logs Plugin 3.0.3 - Path Traversal (Authenticated)

— June 1^st 2024 at 00:00

Craft CMS Logs Plugin 3.0.3 - Path Traversal (Authenticated)

Exploit-DB Updates

[webapps] Aquatronica Control System 5.1.6 - Information Disclosure

— May 31^st 2024 at 00:00

Aquatronica Control System 5.1.6 - Information Disclosure

Exploit-DB Updates

[webapps] BWL Advanced FAQ Manager 2.0.3 - Authenticated SQL Injection

— May 31^st 2024 at 00:00

BWL Advanced FAQ Manager 2.0.3 - Authenticated SQL Injection

Exploit-DB Updates

[webapps] iMLog < 1.307 - Persistent Cross Site Scripting (XSS)

— May 31^st 2024 at 00:00

iMLog

Exploit-DB Updates

[webapps] ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)

— May 31^st 2024 at 00:00

ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)

Exploit-DB Updates

[webapps] changedetection < 0.45.20 - Remote Code Execution (RCE)

— May 31^st 2024 at 00:00

changedetection

Exploit-DB Updates

[webapps] Check Point Security Gateway - Information Disclosure (Unauthenticated)

— May 31^st 2024 at 00:00

Check Point Security Gateway - Information Disclosure (Unauthenticated)

Exploit-DB Updates

[webapps] Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)

— May 19^th 2024 at 00:00

Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)

Exploit-DB Updates

[webapps] Wordpress Theme XStore 9.3.8 - SQLi

— May 19^th 2024 at 00:00

Wordpress Theme XStore 9.3.8 - SQLi

Exploit-DB Updates

[webapps] Apache OFBiz 18.12.12 - Directory Traversal

— May 19^th 2024 at 00:00

Apache OFBiz 18.12.12 - Directory Traversal

Exploit-DB Updates

[webapps] Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)

— May 19^th 2024 at 00:00

Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)

Exploit-DB Updates

[webapps] PopojiCMS 2.0.1 - Remote Command Execution (RCE)

— May 19^th 2024 at 00:00

PopojiCMS 2.0.1 - Remote Command Execution (RCE)

Exploit-DB Updates

[webapps] htmlLawed 1.2.5 - Remote Code Execution (RCE)

— May 19^th 2024 at 00:00

htmlLawed 1.2.5 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] PyroCMS v3.0.1 - Stored XSS

— May 13^th 2024 at 00:00

PyroCMS v3.0.1 - Stored XSS

Exploit-DB Updates

[remote] CrushFTP < 11.1.0 - Directory Traversal

— May 13^th 2024 at 00:00

CrushFTP

Exploit-DB Updates

[webapps] Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)

— May 13^th 2024 at 00:00

Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Leafpub 1.1.9 - Stored Cross-Site Scripting (XSS)

— May 13^th 2024 at 00:00

Leafpub 1.1.9 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] CE Phoenix Version 1.0.8.20 - Stored XSS

— May 13^th 2024 at 00:00

CE Phoenix Version 1.0.8.20 - Stored XSS

Exploit-DB Updates

[webapps] Prison Management System - SQL Injection Authentication Bypass

— May 13^th 2024 at 00:00

Prison Management System - SQL Injection Authentication Bypass

Exploit-DB Updates

[webapps] Apache mod_proxy_cluster - Stored XSS

— May 13^th 2024 at 00:00

Apache mod_proxy_cluster - Stored XSS

Exploit-DB Updates

[local] Plantronics Hub 3.25.1 - Arbitrary File Read

— May 13^th 2024 at 00:00

Plantronics Hub 3.25.1 - Arbitrary File Read

Exploit-DB Updates

[webapps] Clinic Queuing System 1.0 - RCE

— May 8^th 2024 at 00:00

Clinic Queuing System 1.0 - RCE

Exploit-DB Updates

[webapps] iboss Secure Web Gateway - Stored Cross-Site Scripting (XSS)

— May 8^th 2024 at 00:00

iboss Secure Web Gateway - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Authentication Bypass

— May 4^th 2024 at 00:00

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Authentication Bypass

Exploit-DB Updates

[webapps] Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Device Config Disclosure

— May 4^th 2024 at 00:00

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Device Config Disclosure

Exploit-DB Updates

[webapps] Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass

— May 4^th 2024 at 00:00

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass

Exploit-DB Updates

[webapps] Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure

— May 4^th 2024 at 00:00

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure

Exploit-DB Updates

[webapps] Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass

— May 4^th 2024 at 00:00

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass

Exploit-DB Updates

[webapps] Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure

— May 4^th 2024 at 00:00

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure

Exploit-DB Updates

[webapps] Laravel Framework 11 - Credential Leakage

— April 21^st 2024 at 00:00

Laravel Framework 11 - Credential Leakage

Exploit-DB Updates

[webapps] SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)

— April 21^st 2024 at 00:00

SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)

Exploit-DB Updates

[webapps] Flowise 1.6.5 - Authentication Bypass

— April 21^st 2024 at 00:00

Flowise 1.6.5 - Authentication Bypass

Exploit-DB Updates

[remote] Palo Alto PAN-OS < v11.1.2-h3 - Command Injection and Arbitrary File Creation

— April 21^st 2024 at 00:00

Palo Alto PAN-OS

Exploit-DB Updates

[webapps] FlatPress v1.3 - Remote Command Execution

— April 21^st 2024 at 00:00

FlatPress v1.3 - Remote Command Execution

Exploit-DB Updates

[webapps] Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution

— April 21^st 2024 at 00:00

Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution

Exploit-DB Updates

[webapps] djangorestframework-simplejwt 5.3.1 - Information Disclosure

— April 15^th 2024 at 00:00

djangorestframework-simplejwt 5.3.1 - Information Disclosure

Exploit-DB Updates

[webapps] Jenkins 2.441 - Local File Inclusion

— April 15^th 2024 at 00:00

Jenkins 2.441 - Local File Inclusion

Exploit-DB Updates

[webapps] OpenClinic GA 5.247.01 - Information Disclosure

— April 15^th 2024 at 00:00

OpenClinic GA 5.247.01 - Information Disclosure