TextPattern CMS 4.8.3 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: blio | 2020/10/23 |
Bludit 3.9.2 Exploit, Auth Bruteforce Bypass
WEBAPPS Author: Mayank Deshmukh | 2020/10/23 |
Gym Management System 1.0 Exploit, Stored Cross Site Scripting
WEBAPPS Author: Jyotsna Adhana | 2020/10/23 |
Gym Management System 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Jyotsna Adhana | 2020/10/23 |
School Faculty Scheduling System 1.0 Exploit, 'username' SQL Injection
WEBAPPS Author: Jyotsna Adhana | 2020/10/23 |
School Faculty Scheduling System 1.0 Exploit, 'id' SQL Injection
WEBAPPS Author: Jyotsna Adhana | 2020/10/23 |
Point of Sales 1.0 Exploit, 'username' SQL Injection
WEBAPPS Author: Jyotsna Adhana | 2020/10/23 |
Gym Management System 1.0 Exploit, 'id' SQL Injection
WEBAPPS Author: Jyotsna Adhana | 2020/10/23 |
Lot Reservation Management System 1.0 Exploit, Cross-Site Scripting (Stored)
WEBAPPS Author: Ankita Pal | 2020/10/23 |
Lot Reservation Management System 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Ankita Pal | 2020/10/23 |
Point of Sales 1.0 Exploit, 'id' SQL Injection
WEBAPPS Author: Ankita Pal | 2020/10/23 |
User Registration & Login and User Management System 2.1 Exploit, SQL Injection
WEBAPPS Author: Ihsan Sencan | 2020/10/23 |
Car Rental Management System 1.0 Exploit, Arbitrary File Upload
WEBAPPS Author: Jyotsna Adhana | 2020/10/23 |
Stock Management System 1.0 Exploit, 'brandId and categoriesId' SQL Injection
WEBAPPS Author: Ihsan Sencan | 2020/10/23 |
Ajenti 2.1.36 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: Ahmet Ümit BAYRAM | 2020/10/23 |
Online Library Management System 1.0 Exploit, Arbitrary File Upload
WEBAPPS Author: Jyotsna Adhana | 2020/10/23 |
Tiki Wiki CMS Groupware 21.1 Exploit, Authentication Bypass
WEBAPPS Author: Maximilian Barz | 2020/10/21 |
Stock Management System 1.0 Exploit, 'Brand Name' Persistent Cross-Site Scripting
WEBAPPS Author: Adeeb Shah | 2020/10/21 |
Stock Management System 1.0 Exploit, 'Categories Name' Persistent Cross-Site Scripting
WEBAPPS Author: Adeeb Shah | 2020/10/21 |
Stock Management System 1.0 Exploit, 'Product Name' Persistent Cross-Site Scripting
WEBAPPS Author: Adeeb Shah | 2020/10/21 |
GOautodial 4.0 Exploit, Authenticated Shell Upload
WEBAPPS Author: alzab | 2020/10/21 |
School Faculty Scheduling System 1.0 Exploit, Authentication Bypass POC
WEBAPPS Author: Jyotsna Adhana | 2020/10/21 |
School Faculty Scheduling System 1.0 Exploit, Stored Cross Site Scripting POC
WEBAPPS Author: Jyotsna Adhana | 2020/10/21 |
Hrsale 2.0.0 Exploit, Local File Inclusion
WEBAPPS Author: osecur | 2020/10/21 |
WordPress Plugin Colorbox Lightbox v1.1.1 Exploit, Persistent Cross-Site Scripting (Authenticated)
WEBAPPS Author: 1x | 2020/10/20 |
WordPress Plugin Rest Google Maps < 7.11.18 Exploit, SQL Injection
WEBAPPS Author: Jonatas Fil | 2020/10/20 |
Apache Struts 2 Exploit, DefaultActionMapper Prefixes OGNL Code Execution
WEBAPPS Author: Jonatas Fil | 2020/10/20 |
Mobile Shop System v1.0 Exploit, SQL Injection Authentication Bypass
WEBAPPS Author: Moaaz Taha | 2020/10/20 |
RiteCMS 2.2.1 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: 0j3 | 2020/10/20 |
User Registration & Login and User Management System With admin panel 2.1 Exploit, Persistent XSS
WEBAPPS Author: usufmaliku | 2020/10/20 |
WordPress Plugin HS Brand Logo Slider 2.1 Exploit, 'logoupload' File Upload
WEBAPPS Author: et-Hunte | 2020/10/20 |
Ultimate Project Manager CRM PRO Version 2.0.5 Exploit, SQLi (Authenticated)
WEBAPPS Author: ag0me | 2020/10/20 |
Visitor Management System in PHP 1.0 Exploit, SQL Injection (Authenticated)
WEBAPPS Author: Rahul Ramkumar | 2020/10/20 |
Wordpress Plugin WP Courses < 2.0.29 Exploit, Broken Access Controls leading to Courses Content Disclosure
WEBAPPS Author: edtimmyse | 2020/10/20 |
Loan Management System 1.0 Exploit, Multiple Cross Site Scripting (Stored)
WEBAPPS Author: Akıner Kısa | 2020/10/20 |
Comtrend AR-5387un router Exploit, Persistent XSS (Authenticated)
WEBAPPS Author: scarAkaElvi | 2020/10/20 |
Textpattern CMS 4.6.2 Exploit, Cross-site Request Forgery
WEBAPPS Author: Alperen Ergel | 2020/10/19 |
Typesetter CMS 5.1 Exploit, Arbitrary Code Execution (Authenticated)
WEBAPPS Author: Rodolfo Tavares | 2020/10/19 |
Hostel Management System 2.1 Exploit, Cross Site Scripting (Multiple Fields)
WEBAPPS Author: okn3 | 2020/10/19 |
Jenkins 2.63 Exploit, Sandbox bypass in pipeline: Groovy plug-in
WEBAPPS Author: Daniel Morris | 2020/10/19 |
HiSilicon Video Encoders Exploit, Unauthenticated RTSP buffer overflow (DoS)
WEBAPPS Author: Alexei Kojenov | 2020/10/19 |
HiSilicon Video Encoders Exploit, Full admin access via backdoor password
WEBAPPS Author: Alexei Kojenov | 2020/10/19 |
HiSilicon video encoders Exploit, RCE via unauthenticated upload of malicious firmware
WEBAPPS Author: Alexei Kojenov | 2020/10/19 |
HiSilicon Video Encoders Exploit, RCE via unauthenticated command injection
WEBAPPS Author: Alexei Kojenov | 2020/10/19 |
HiSilicon Video Encoders Exploit, Unauthenticated file disclosure via path traversal
WEBAPPS Author: Alexei Kojenov | 2020/10/19 |
Online Job Portal 1.0 Exploit, Cross Site Scripting (Stored)
WEBAPPS Author: Akıner Kısa | 2020/10/19 |
Online Discussion Forum Site 1.0 Exploit, XSS in Messaging System
WEBAPPS Author: 5o | 2020/10/19 |
Online Student's Management System 1.0 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: Akıner Kısa | 2020/10/19 |
Nagios XI 5.7.3 Exploit, 'SNMP Trap Interface' Authenticated SQL Injection
WEBAPPS Author: Matthew Aberegg | 2020/10/19 |
Nagios XI 5.7.3 Exploit, 'Manage Users' Authenticated SQL Injection
WEBAPPS Author: Matthew Aberegg | 2020/10/19 |
Nagios XI 5.7.3 Exploit, 'Contact Templates' Persistent Cross-Site Scripting
WEBAPPS Author: Matthew Aberegg | 2020/10/19 |
Tourism Management System 1.0 Exploit, Arbitrary File Upload
WEBAPPS Author: Ankita Pal | 2020/10/19 |
CS-Cart 1.3.3 Exploit, authenticated RCE
WEBAPPS Author: xmmnbasse | 2020/10/16 |
CS-Cart 1.3.3 Exploit, 'classes_dir' LFI
WEBAPPS Author: xmmnbasse | 2020/10/16 |
Seat Reservation System 1.0 Exploit, Unauthenticated SQL Injection
WEBAPPS Author: Rahul Ramkumar | 2020/10/16 |
Hotel Management System 1.0 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: porlorxl2 | 2020/10/16 |
Seat Reservation System 1.0 Exploit, Remote Code Execution (Unauthenticated)
WEBAPPS Author: Rahul Ramkumar | 2020/10/16 |
aaPanel 6.6.6 Exploit, Privilege Escalation & Remote Code Execution (Authenticated)
WEBAPPS Author: Ünsal Furkan Harani | 2020/10/16 |
Restaurant Reservation System 1.0 Exploit, 'date' SQL Injection (Authenticated)
WEBAPPS Author: 1nar | 2020/10/16 |
Company Visitor Management System (CVMS) 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Oğuz Türkgenç | 2020/10/16 |
Alumni Management System 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Ankita Pal | 2020/10/16 |
Employee Management System 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Ankita Pal | 2020/10/16 |
Employee Management System 1.0 Exploit, Cross Site Scripting (Stored)
WEBAPPS Author: Ankita Pal | 2020/10/16 |
Zoo Management System 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Jyotsna Adhana | 2020/10/15 |
Simple Grocery Store Sales And Inventory System 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Saurav Shukla | 2020/10/15 |
rConfig 3.9.5 Exploit, Remote Code Execution (Unauthenticated)
WEBAPPS Author: Daniel Monzón | 2020/10/15 |
Vehicle Parking Management System 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Kpatro | 2020/10/15 |
Guild Wars 2 Exploit, Insecure Folder Permissions
LOCAL Author: George Tsimpidas | 2020/10/14 |
NodeBB Forum 1.12.2-1.14.2 Exploit, Account Takeover
WEBAPPS Author: Muhammed Eren Uygun | 2020/10/14 |
Battle.Net 1.27.1.12428 Exploit, Insecure File Permissions
LOCAL Author: George Tsimpidas | 2020/10/13 |
berliCRM 1.0.24 Exploit, 'src_record' SQL Injection
WEBAPPS Author: Ahmet Ümit BAYRAM | 2020/10/13 |
Cisco ASA and FTD 9.6.4.42 Exploit, Path Traversal
WEBAPPS Author: ndG4m | 2020/10/12 |
Online Students Management System 1.0 Exploit, 'username' SQL Injections
WEBAPPS Author: George Tsimpidas | 2020/10/12 |
Liman 0.7 Exploit, Cross-Site Request Forgery (Change Password)
WEBAPPS Author: George Tsimpidas | 2020/10/12 |
MedDream PACS Server 6.8.3.751 Exploit, Remote Code Execution (Unauthenticated)
WEBAPPS Author: zy | 2020/10/12 |
Small CRM 2.0 Exploit, 'email' SQL Injection
WEBAPPS Author: Ahmet Ümit BAYRAM | 2020/10/12 |
openMAINT 1.1-2.4.2 Exploit, Arbitrary File Upload
WEBAPPS Author: rb3 | 2020/10/09 |
DynPG 4.9.1 Exploit, Persistent Cross-Site Scripting (Authenticated)
WEBAPPS Author: Enes Özeser | 2020/10/09 |
Kentico CMS 9.0-12.0.49 Exploit, Persistent Cross Site Scripting
WEBAPPS Author: Ataberk YAVUZER | 2020/10/09 |
D-Link DSR-250N 3.12 Exploit, Denial of Service (PoC)
WEBAPPS Author: RedTeam Pentesting GmbH | 2020/10/08 |
SEO Panel 4.6.0 Exploit, Remote Code Execution
WEBAPPS Author: Kiko Andreu | 2020/10/08 |
Textpattern CMS 4.6.2 Exploit, 'body' Persistent Cross-Site Scripting
WEBAPPS Author: Alperen Ergel | 2020/10/07 |
BACnet Test Server 1.01 Exploit, Remote Denial of Service (PoC)
DOS Author: iquidWor | 2020/10/07 |
EasyPMS 1.0.0 Exploit, Authentication Bypass
WEBAPPS Author: ok3 | 2020/10/06 |
Karel IP Phone IP1211 Web Management Panel Exploit, Directory Traversal
WEBAPPS Author: berat isler | 2020/10/06 |
SpamTitan 7.07 Exploit, Unauthenticated Remote Code Execution
WEBAPPS Author: Felipe Molina | 2020/10/05 |
MOVEit Transfer 11.1.1 Exploit, 'token' Unauthenticated SQL Injection
WEBAPPS Author: Aviv Beniash | 2020/10/05 |
Photo Share Website 1.0 Exploit, Persistent Cross-Site Scripting
WEBAPPS Author: ugki | 2020/10/02 |
MedDream PACS Server 6.8.3.751 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: zy | 2020/10/02 |
Typesetter CMS 5.1 Exploit, 'Site Title' Persistent Cross-Site Scripting
WEBAPPS Author: Alperen Ergel | 2020/10/01 |
CMS Made Simple 2.2.14 Exploit, Persistent Cross-Site Scripting (Authenticated)
WEBAPPS Author: Roel van Beurden | 2020/10/01 |
GetSimple CMS 3.3.16 Exploit, Persistent Cross-Site Scripting (Authenticated)
WEBAPPS Author: Roel van Beurden | 2020/10/01 |
WebsiteBaker 2.12.2 Exploit, 'display_name' SQL Injection (authenticated)
WEBAPPS Author: Roel van Beurden | 2020/10/01 |
MonoCMS Blog 1.0 Exploit, Arbitrary File Deletion (Authenticated)
WEBAPPS Author: Shahrukh Iqbal Mirza | 2020/10/01 |
SpinetiX Fusion Digital Signage 3.4.8 Exploit, Username Enumeration
WEBAPPS Author: iquidWor | 2020/10/01 |
SpinetiX Fusion Digital Signage 3.4.8 Exploit, Cross-Site Request Forgery (Add Admin)
WEBAPPS Author: iquidWor | 2020/10/01 |
SpinetiX Fusion Digital Signage 3.4.8 Exploit, Database Backup Disclosure
WEBAPPS Author: iquidWor | 2020/10/01 |
BrightSign Digital Signage Diagnostic Web Server 8.2.26 Exploit, File Delete Path Traversal
WEBAPPS Author: iquidWor | 2020/10/01 |
BrightSign Digital Signage Diagnostic Web Server 8.2.26 Exploit, Server-Side Request Forgery (Unauthenticated)
WEBAPPS Author: iquidWor | 2020/10/01 |
Sony IPELA Network Camera 1.82.01 Exploit, 'ftpclient.cgi' Remote Stack Buffer Overflow
REMOTE Author: iquidWor | 2020/10/01 |
