| 48737 | Daily Expenses Management System 1.0 - 'item' SQL Injection
WEBAPPS Author: creetse | 2020/08/07 | |
| 48736 | All-Dynamics Digital Signage System 2.0.2 - Cross-Site Request Forgery (Add Admin)
WEBAPPS Author: iquidWor | 2020/08/07 | |
| 48735 | CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path
LOCAL Author: Luis Martínez | 2020/08/06 | |
| 48734 | Victor CMS 1.0 - 'Search' SQL Injection
WEBAPPS Author: creetse | 2020/08/06 | |
| 48733 | Stock Management System 1.0 - Authentication Bypass
WEBAPPS Author: Adeeb Shah | 2020/08/05 | |
| 48732 | QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service (PoC)
DOS Author: Luis Martínez | 2020/08/05 | |
| 48731 | ACTi NVR3 Standard or Professional Server 3.0.12.42 - Denial of Service (PoC)
DOS Author: egaMagnu | 2020/08/05 | |
| 48730 | Daily Expenses Management System 1.0 - 'username' SQL Injection
WEBAPPS Author: Daniel Ortiz | 2020/08/04 | |
| 48729 | RTSP for iOS 1.0 - 'IP Address' Denial of Service (PoC)
DOS Author: Luis Martínez | 2020/08/04 | |
| 48728 | Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service (PoC)
DOS Author: Luis Martínez | 2020/08/04 | |
| 48727 | Pi-hole 4.3.2 - Remote Code Execution (Authenticated)
WEBAPPS Author: Luis Vacacas | 2020/08/04 | |
| 48725 | Online Shopping Alphaware 1.0 - Authentication Bypass
WEBAPPS Author: Ahmed Abbas | 2020/07/30 | |
| 48724 | Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting
WEBAPPS Author: Jinson Varghese Behanan | 2020/07/29 | |
| 48723 | Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion
WEBAPPS Author: xmmnbasse | 2020/07/29 | |
| 48722 | Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion
WEBAPPS Author: xmmnbasse | 2020/07/28 | |
| 48720 | eGroupWare 1.14 - 'spellchecker.php' Remote Command Execution
WEBAPPS Author: Berk KIRAS | 2020/07/27 | |
| 48719 | docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)
LOCAL Author: asterVla | 2020/07/26 | |
| 48716 | Rails 5.0.1 - Remote Code Execution
WEBAPPS Author: Lucas Amorim | 2020/07/26 | |
| 48715 | Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting
WEBAPPS Author: Peter Blue | 2020/07/26 | |
| 48714 | pfSense 2.4.4-p3 - Cross-Site Request Forgery
WEBAPPS Author: host_f | 2020/07/26 | |
| 48713 | Socket.io-file 2.0.31 - Arbitrary File Upload
WEBAPPS Author: r0wTo | 2020/07/26 | |
| 48712 | Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication)
WEBAPPS Author: drak | 2020/07/26 | |
| 48711 | F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion
WEBAPPS Author: Carlos E. Vieira | 2020/07/26 | |
| 48709 | Webtareas 2.1p - Arbitrary File Upload (Authenticated)
WEBAPPS Author: ppleBoi | 2020/07/26 | |
| 48708 | Bio Star 2.8.2 - Local File Inclusion
WEBAPPS Author: SITE Team | 2020/07/26 | |
| 48707 | PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting
WEBAPPS Author: ppleBoi | 2020/07/26 | |
| 48706 | Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated)
WEBAPPS Author: 1n1v131r | 2020/07/26 | |
| 48705 | elaniin CMS - Authentication Bypass
WEBAPPS Author: Kpatro | 2020/07/26 | |
| 48704 | Online Course Registration 1.0 - Unauthenticated Remote Code Execution
WEBAPPS Author: ok | 2020/07/26 | |
| 48702 | LibreHealth 2.0.0 - Authenticated Remote Code Execution
WEBAPPS Author: ok | 2020/07/26 | |
| 48701 | Bludit 3.9.2 - Directory Traversal
WEBAPPS Author: James Green | 2020/07/26 | |
| 48699 | WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)
WEBAPPS Author: BA@SOGETI_ESE | 2020/07/26 | |
| 48698 | WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
WEBAPPS Author: BA@SOGETI_ESE | 2020/07/26 | |
| 48697 | Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)
DOS Author: Felipe Winsnes | 2020/07/26 | |
| 48696 | Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter)
LOCAL Author: Eduard Palisek | 2020/07/26 | |
| 48695 | Port Forwarding Wizard 4.8.0 - Buffer Overflow (SEH)
LOCAL Author: Sarang Tumne | 2020/07/26 | |
| 48694 | UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery (Add Admin)
WEBAPPS Author: iquidWor | 2020/07/26 | |
| 48693 | INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution
WEBAPPS Author: Patrick Hener | 2020/07/26 | |
| 48692 | ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection
WEBAPPS Author: ldor | 2020/07/26 | |
| 48691 | Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow (SEH Egghunter)
LOCAL Author: asterVla | 2020/07/26 | |
| 48690 | GOautodial 4.0 - Persistent Cross-Site Scripting (Authenticated)
WEBAPPS Author: alzab | 2020/07/26 | |
| 48689 | DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow (SEH Egghunter)
LOCAL Author: asterVla | 2020/07/26 | |
| 48688 | Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow (SEH Egghunter)
LOCAL Author: asterVla | 2020/07/26 | |
| 48687 | Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow (SEH)
LOCAL Author: Felipe Winsnes | 2020/07/26 | |
| 48686 | Snes9K 0.09z - 'Port Number' Buffer Overflow (SEH)
LOCAL Author: asterVla | 2020/07/23 | |
| 48685 | FTPDummy 4.80 - Local Buffer Overflow (SEH)
LOCAL Author: Felipe Winsnes | 2020/07/23 | |
| 48684 | UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass
WEBAPPS Author: iquidWor | 2020/07/23 | |
| 48683 | Sophos VPN Web Panel 2020 - Denial of Service (Poc)
WEBAPPS Author: Berk KIRAS | 2020/07/22 | |
| 48682 | WordPress Theme NexosReal Estate 1.7 - 'search_order' SQL Injection
WEBAPPS Author: Vlad Vector | 2020/07/22 | |
| 48681 | Docsify.js 4.11.4 - Reflective Cross-Site Scripting
WEBAPPS Author: Amin Sharifi | 2020/07/22 | |
| 48680 | NetPCLinker 1.0.0.0 - Buffer Overflow (SEH Egghunter)
LOCAL Author: Saeed reza Zamanian | 2020/07/22 | |
| 48679 | CMSUno 1.6 - Cross-Site Request Forgery (Change Admin Password)
WEBAPPS Author: ot | 2020/07/17 | |
| 48678 | Simple Startup Manager 1.17 - 'File' Local Buffer Overflow (PoC)
LOCAL Author: ovlTekstT | 2020/07/17 | |
| 48677 | Sonar Qube 8.3.1 - 'SonarQube Service' Unquoted Service Path
LOCAL Author: Velayutham Selvaraj | 2020/07/17 | |
| 48676 | Wing FTP Server 6.3.8 - Remote Code Execution (Authenticated)
WEBAPPS Author: 1n1v131r | 2020/07/16 | |
| 48675 | RiteCMS 2.2.1 - Remote Code Execution
WEBAPPS Author: Enes Özeser | 2020/07/16 | |
| 48674 | Infor Storefront B2B 1.0 - 'usr_name' SQL Injection
WEBAPPS Author: atbo | 2020/07/15 | |
| 48673 | Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting
WEBAPPS Author: eopssGroup0day_In | 2020/07/15 | |
| 48672 | Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass
WEBAPPS Author: eopssGroup0day_In | 2020/07/15 | |
| 48671 | Online Polling System 1.0 - Authentication Bypass
WEBAPPS Author: ppleBoi | 2020/07/15 | |
| 48670 | Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection
WEBAPPS Author: Mehmet Kelepçe | 2020/07/15 | |
| 48669 | Zyxel Armor X1 WAP6806 - Directory Traversal
WEBAPPS Author: Rajivarnan R | 2020/07/15 | |
| 48668 | SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery (Add Admin)
WEBAPPS Author: Metin Yunus Kandemir | 2020/07/15 | |
| 48667 | Trend Micro Web Security Virtual Appliance 6.5 SP2 Patch 4 Build 1901 - Remote Code Execution (Metasploit)
WEBAPPS Author: Mehmet Ince | 2020/07/14 | |
| 48666 | BSA Radar 1.6.7234.24750 - Local File Inclusion
WEBAPPS Author: William Summerhill | 2020/07/14 | |
| 48663 | Park Ticketing Management System 1.0 - Authentication Bypass
WEBAPPS Author: h1ma | 2020/07/13 | |
| 48662 | Park Ticketing Management System 1.0 - 'viewid' SQL Injection
WEBAPPS Author: h1ma | 2020/07/13 | |
| 48661 | Aruba ClearPass Policy Manager 6.7.0 - Unauthenticated Remote Command Execution
REMOTE Author: picyItalia | 2020/07/10 | |
| 48660 | Barangay Management System 1.0 - Authentication Bypass
WEBAPPS Author: Kpatro | 2020/07/10 | |
| 48659 | HelloWeb 2.0 - Arbitrary File Download
WEBAPPS Author: Rps | 2020/07/10 | |
| 48658 | Savsoft Quiz 5 - Persistent Cross-Site Scripting
WEBAPPS Author: h3d1gge | 2020/07/09 | |
| 48657 | FrootVPN 4.8 - 'frootvpn' Unquoted Service Path
LOCAL Author: 3n0 | 2020/07/09 | |
| 48656 | Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting
WEBAPPS Author: q | 2020/07/09 | |
| 48653 | BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password)
WEBAPPS Author: William Summerhill | 2020/07/08 | |
| 48652 | SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)
WEBAPPS Author: Metin Yunus Kandemir | 2020/07/08 | |
| 48655 | PHP 7.4 FFI - 'disable_functions' Bypass
WEBAPPS Author: hunter gregal | 2020/07/07 | |
| 48650 | Microsoft Windows mshta.exe 2019 - XML External Entity Injection
REMOTE Author: yp3rlin | 2020/07/07 | |
| 48649 | BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation
WEBAPPS Author: William Summerhill | 2020/07/07 | |
| 48648 | Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection
WEBAPPS Author: Mehmet Kelepçe | 2020/07/07 | |
| 48647 | Online Shopping Portal 3.1 - 'email' SQL Injection
WEBAPPS Author: h1ma | 2020/07/07 | |
| 48646 | Sickbeard 0.1 - Remote Command Injection
WEBAPPS Author: drak | 2020/07/07 | |
| 48642 | BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution
WEBAPPS Author: Critical Start | 2020/07/06 | |
| 48640 | Nagios XI 5.6.12 - 'export-rrd.php' Remote Code Execution
WEBAPPS Author: Basim Alabdullah | 2020/07/06 | |
| 48639 | RSA IG&L Aveksa 7.1.1 - Remote Code Execution
WEBAPPS Author: Jakub Palaczynski | 2020/07/06 | |
| 48638 | Grafana 7.0.1 - Denial of Service (PoC)
DOS Author: ostwanted00 | 2020/07/06 | |
| 48637 | Fire Web Server 0.1 - Remote Denial of Service (PoC)
DOS Author: Saeed reza Zamanian | 2020/07/06 | |
| 48636 | RiteCMS 2.2.1 - Authenticated Remote Code Execution
WEBAPPS Author: Enes Özeser | 2020/07/06 | |
| 48635 | File Management System 1.1 - Persistent Cross-Site Scripting
WEBAPPS Author: eopssGroup0day_In | 2020/07/06 | |
| 48643 | BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution (PoC)
WEBAPPS Author: Budi Khoirudin | 2020/07/05 | |
| 48634 | OCS Inventory NG 2.7 - Remote Code Execution
WEBAPPS Author: ska | 2020/07/02 | |
| 48633 | ZenTao Pro 8.8.2 - Command Injection
WEBAPPS Author: Daniel Monzón | 2020/07/02 | |
| 48632 | WhatsApp Remote Code Execution - Paper
WEBAPPS Author: ashu Jaiswal | 2020/07/02 | |
| 48631 | Online Shopping Portal 3.1 - Authentication Bypass
WEBAPPS Author: Ümit Yalçın | 2020/07/01 | |
| 48630 | PHP-Fusion 9.03.60 - PHP Object Injection
WEBAPPS Author: oiffeu | 2020/07/01 | |
| 48629 | e-learning Php Script 0.1.0 - 'search' SQL Injection
WEBAPPS Author: eopssGroup0day_In | 2020/07/01 | |
| 48628 | RM Downloader 2.50.60 2006.06.23 - 'Load' Local Buffer Overflow (EggHunter) (SEH) (PoC)
LOCAL Author: Paras Bhatia | 2020/07/01 | |
| 48627 | Reside Property Management 3.0 - 'profile' SQL Injection
WEBAPPS Author: Behzad Khalifeh | 2020/06/30 | |
| 48626 | Victor CMS 1.0 - 'user_firstname' Persistent Cross-Site Scripting
WEBAPPS Author: Anushree Priyadarshini | 2020/06/30 | |
| 48625 | KiteService 1.2020.618.0 - Unquoted Service Path
LOCAL Author: Marcos Antonio León | 2020/06/26 | |
| 48624 | Windscribe 1.83 - 'WindscribeService' Unquoted Service Path
LOCAL Author: Ethan Seow | 2020/06/26 | |
