Chamilo LMS 1.11.14 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: M. Cory Billington | 2021/05/14 |
Podcast Generator 3.1 Exploit, 'Long Description' Persistent Cross-Site Scripting (XSS)
WEBAPPS Author: Ayşenur KARAASLAN | 2021/05/14 |
Student Management System 1.0 Exploit, 'message' Persistent Cross-Site Scripting (Authenticated)
WEBAPPS Author: mohsen khashei | 2021/05/14 |
Firefox 72 IonMonkey Exploit, JIT Type Confusion
LOCAL Author: Forrest Orr | 2021/05/13 |
Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' Exploit, Use-After-Free
LOCAL Author: Forrest Orr | 2021/05/13 |
ZeroShell 3.9.0 Exploit, Remote Command Execution
WEBAPPS Author: Fellipe Oliveira | 2021/05/13 |
Dental Clinic Appointment Reservation System 1.0 Exploit, 'date' UNION based SQL Injection (Authenticated)
WEBAPPS Author: Mesut Cetin | 2021/05/13 |
Dental Clinic Appointment Reservation System 1.0 Exploit, Authentication Bypass (SQLi)
WEBAPPS Author: Mesut Cetin | 2021/05/13 |
Chevereto 3.17.1 Exploit, Cross Site Scripting (Stored)
WEBAPPS Author: Akıner Kısa | 2021/05/12 |
Splinterware System Scheduler Professional 5.30 Exploit, Privilege Escalation
LOCAL Author: Andrea Intilangelo | 2021/05/12 |
Odoo 12.0.20190101 Exploit, 'nssm.exe' Unquoted Service Path
LOCAL Author: F98 | 2021/05/11 |
Microweber CMS 1.1.20 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: l1nk | 2021/05/10 |
Human Resource Information System 0.1 Exploit, 'First Name' Persistent Cross-Site Scripting (Authenticated)
WEBAPPS Author: Reza Afsahi | 2021/05/10 |
PHP Timeclock 1.04 Exploit, 'Multiple' Cross Site Scripting (XSS)
WEBAPPS Author: Tyler Butler | 2021/05/10 |
TFTP Broadband 4.3.0.1465 Exploit, 'tftpt.exe' Unquoted Service Path
LOCAL Author: Erick Galindo | 2021/05/10 |
BOOTP Turbo 2.0.0.1253 Exploit, 'bootpt.exe' Unquoted Service Path
LOCAL Author: Erick Galindo | 2021/05/10 |
DHCP Broadband 4.1.0.1503 Exploit, 'dhcpt.exe' Unquoted Service Path
LOCAL Author: Erick Galindo | 2021/05/10 |
PHP Timeclock 1.04 Exploit, Time and Boolean Based Blind SQL Injection # Date: May 3rd 2021
WEBAPPS Author: Tyler Butler | 2021/05/07 |
Epic Games Rocket League 1.95 Exploit, Stack Buffer Overrun
LOCAL Author: iquidWor | 2021/05/07 |
Human Resource Information System 0.1 Exploit, Remote Code Execution (Unauthenticated)
WEBAPPS Author: Reza Afsahi | 2021/05/07 |
Voting System 1.0 Exploit, Remote Code Execution (Unauthenticated)
WEBAPPS Author: ecure7 | 2021/05/07 |
WifiHotSpot 1.0.0.0 Exploit, 'WifiHotSpotService.exe' Unquoted Service Path
LOCAL Author: Erick Galindo | 2021/05/07 |
Sandboxie 5.49.7 Exploit, Denial of Service (PoC)
DOS Author: Erick Galindo | 2021/05/07 |
Voting System 1.0 Exploit, Authentication Bypass (SQLI)
WEBAPPS Author: ecure7 | 2021/05/07 |
Sandboxie Plus 0.7.4 Exploit, 'SbieSvc' Unquoted Service Path
LOCAL Author: Erick Galindo | 2021/05/07 |
Epic Games Easy Anti-Cheat 4.0 Exploit, Local Privilege Escalation
LOCAL Author: iquidWor | 2021/05/07 |
b2evolution 7-2-2 Exploit, 'cf_name' SQL Injection
WEBAPPS Author: u11secur1t | 2021/05/06 |
Wordpress Plugin WP Super Edit 2.5.4 Exploit, Remote File Upload
WEBAPPS Author: 4shu | 2021/05/06 |
Schlix CMS 2.2.6-6 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: Eren Saraç | 2021/05/06 |
Schlix CMS 2.2.6-6 Exploit, 'title' Persistent Cross-Site Scripting (Authenticated)
WEBAPPS Author: Enes Özeser | 2021/05/06 |
Anote 1.0 Exploit, XSS to RCE
WEBAPPS Author: aurusOma | 2021/05/05 |
Markdownify 1.2.0 Exploit, XSS to RCE
WEBAPPS Author: aurusOma | 2021/05/05 |
Markright 1.0 Exploit, XSS to RCE
WEBAPPS Author: aurusOma | 2021/05/05 |
Freeter 1.2.1 Exploit, XSS to RCE
WEBAPPS Author: aurusOma | 2021/05/05 |
StudyMD 0.3.2 Exploit, XSS to RCE
WEBAPPS Author: aurusOma | 2021/05/05 |
Marky 0.0.1 Exploit, XSS to RCE
WEBAPPS Author: aurusOma | 2021/05/05 |
Moeditor 0.2.0 Exploit, XSS to RCE
WEBAPPS Author: aurusOma | 2021/05/05 |
SnipCommand 0.1.0 Exploit, XSS to RCE
WEBAPPS Author: aurusOma | 2021/05/05 |
Tagstoo 2.0.1 Exploit, Stored XSS to RCE
WEBAPPS Author: aurusOma | 2021/05/05 |
Xmind 2020 Exploit, XSS to RCE
WEBAPPS Author: aurusOma | 2021/05/05 |
Markdown Explorer 0.1.1 Exploit, XSS to RCE
WEBAPPS Author: Taurus Omar | 2021/05/05 |
Savsoft Quiz 5 Exploit, 'User Account Settings' Persistent Cross-Site Scripting
WEBAPPS Author: tride | 2021/05/05 |
Internship Portal Management System 1.0 Exploit, Remote Code Execution Via File Upload (Unauthenticated)
WEBAPPS Author: rgeneste | 2021/05/04 |
GitLab Community Edition (CE) 13.10.3 Exploit, 'Sign_Up' User Enumeration
WEBAPPS Author: D0nii | 2021/05/03 |
GitLab Community Edition (CE) 13.10.3 Exploit, User Enumeration
WEBAPPS Author: D0nii | 2021/05/03 |
Piwigo 11.3.0 Exploit, 'language' SQL
WEBAPPS Author: u11secur1t | 2021/05/03 |
Voting System 1.0 Exploit, Time based SQLI (Unauthenticated SQL injection)
WEBAPPS Author: Syed Sheeraz Ali | 2021/05/03 |
GetSimple CMS Custom JS 0.1 Exploit, CSRF to XSS to RCE
WEBAPPS Author: ok | 2021/05/03 |
GNU Wget < 1.18 Exploit, Arbitrary File Upload / Remote Code Execution (2)
REMOTE Author: iewehacksi | 2021/04/30 |
Moodle 3.6.1 Exploit, Persistent Cross-Site Scripting (XSS)
WEBAPPS Author: Fariskhi Vidyan | 2021/04/30 |
NodeBB Plugin Emoji 3.2.1 Exploit, Arbitrary File Write
WEBAPPS Author: F98 | 2021/04/29 |
FOGProject 1.5.9 Exploit, File Upload RCE (Authenticated)
WEBAPPS Author: m | 2021/04/29 |
Cacti 1.2.12 Exploit, 'filter' SQL Injection / Remote Code Execution
WEBAPPS Author: Leonardo Paiva | 2021/04/29 |
Kirby CMS 3.5.3.1 Exploit, 'file' Cross-Site Scripting (XSS)
WEBAPPS Author: Sreenath Raghunathan | 2021/04/28 |
WordPress Plugin WPGraphQL 1.3.5 Exploit, Denial of Service
DOS Author: Dolev Farhi | 2021/04/27 |
Montiorr 1.7.6m Exploit, File Upload to XSS
WEBAPPS Author: Ahmad Shakla | 2021/04/27 |
Kimai 1.14 Exploit, CSV Injection
WEBAPPS Author: Mohammed Aloraimi | 2021/04/27 |
SEO Panel 4.8.0 Exploit, 'order_col' Blind SQL Injection (2)
WEBAPPS Author: u11secur1t | 2021/04/26 |
OpenPLC 3 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: Fellipe Oliveira | 2021/04/26 |
Hasura GraphQL 1.3.3 Exploit, Remote Code Execution
WEBAPPS Author: Dolev Farhi | 2021/04/26 |
Sipwise C5 NGCP CSC Exploit, Click2Dial Cross-Site Request Forgery (CSRF)
WEBAPPS Author: iquidWor | 2021/04/23 |
Sipwise C5 NGCP CSC Exploit, 'Multiple' Stored/Reflected Cross-Site Scripting (XSS)
WEBAPPS Author: iquidWor | 2021/04/23 |
DzzOffice 2.02.1 Exploit, 'Multiple' Cross-Site Scripting (XSS)
WEBAPPS Author: u11secur1t | 2021/04/23 |
GetSimple CMS My SMTP Contact Plugin 1.1.2 Exploit, CSRF to Stored XSS to RCE
WEBAPPS Author: ok | 2021/04/23 |
Moodle 3.10.3 Exploit, 'url' Persistent Cross Site Scripting
WEBAPPS Author: Visio | 2021/04/23 |
RemoteClinic 2.0 Exploit, 'Multiple' Stored Cross-Site Scripting (XSS)
WEBAPPS Author: Saud Ahmad | 2021/04/22 |
OTRS 6.0.1 Exploit, Remote Command Execution (2)
WEBAPPS Author: ex_2 | 2021/04/22 |
CMS Made Simple 2.2.15 Exploit, 'title' Cross-Site Scripting (XSS)
WEBAPPS Author: t | 2021/04/22 |
Hasura GraphQL 1.3.3 Exploit, Service Side Request Forgery (SSRF)
WEBAPPS Author: Dolev Farhi | 2021/04/21 |
Hasura GraphQL 1.3.3 Exploit, Local File Read
WEBAPPS Author: Dolev Farhi | 2021/04/21 |
Hasura GraphQL 1.3.3 Exploit, Denial of Service
DOS Author: Dolev Farhi | 2021/04/21 |
GravCMS 1.10.7 Exploit, Unauthenticated Arbitrary YAML Write/Update (Metasploit)
WEBAPPS Author: Mehmet Ince | 2021/04/21 |
Adtran Personal Phone Manager 10.8.1 Exploit, DNS Exfiltration
WEBAPPS Author: ndG4m | 2021/04/21 |
Adtran Personal Phone Manager 10.8.1 Exploit, 'Multiple' Reflected Cross-Site Scripting (XSS)
WEBAPPS Author: ndG4m | 2021/04/21 |
Adtran Personal Phone Manager 10.8.1 Exploit, 'emailAddress' Stored Cross-Site Scripting (XSS)
WEBAPPS Author: ndG4m | 2021/04/21 |
OpenEMR 5.0.2.1 Exploit, Remote Code Execution
WEBAPPS Author: ato | 2021/04/21 |
rconfig 3.9.6 Exploit, Arbitrary File Upload to Remote Code Execution (Authenticated) (2)
WEBAPPS Author: Vishwaraj Bhattrai | 2021/04/21 |
Tenda D151 & D301 Exploit, Configuration Download (Unauthenticated)
REMOTE Author: enChalia | 2021/04/21 |
RemoteClinic 2 Exploit, 'Multiple' Cross-Site Scripting (XSS)
WEBAPPS Author: u11secur1t | 2021/04/21 |
Discourse 2.7.0 Exploit, Rate Limit Bypass leads to 2FA Bypass
WEBAPPS Author: esh3l_91 | 2021/04/21 |
BlackCat CMS 1.3.6 Exploit, 'Multiple' Stored Cross-Site Scripting (XSS)
WEBAPPS Author: Ömer Hasan Durmuş | 2021/04/21 |
WordPress Plugin RSS for Yandex Turbo 1.29 Exploit, Stored Cross-Site Scripting (XSS)
WEBAPPS Author: Himamshu Dilip Kulkarni | 2021/04/21 |
Fast PHP Chat 1.3 Exploit, 'my_item_search' SQL Injection
WEBAPPS Author: Fatih Coskun | 2021/04/21 |
Multilaser Router RE018 AC1200 Exploit, Cross-Site Request Forgery (Enable Remote Access)
WEBAPPS Author: Rodolfo Mariano | 2021/04/21 |
GetSimple CMS My SMTP Contact Plugin 1.1.1 Exploit, CSRF to RCE
WEBAPPS Author: ok | 2021/04/16 |
glFTPd 2.11a Exploit, Remote Denial of Service
DOS Author: ynmap | 2021/04/15 |
htmly 2.8.0 Exploit, 'description' Stored Cross-Site Scripting (XSS)
WEBAPPS Author: u11secur1t | 2021/04/15 |
Tileserver-gl 3.0.0 Exploit, 'key' Reflected Cross-Site Scripting (XSS)
WEBAPPS Author: Akash Chathoth | 2021/04/15 |
Horde Groupware Webmail 5.2.22 Exploit, Stored XSS
WEBAPPS Author: u11secur1t | 2021/04/15 |
jQuery 1.0.3 Exploit, Cross-Site Scripting (XSS)
WEBAPPS Author: Central InfoSec | 2021/04/14 |
jQuery 1.2 Exploit, Cross-Site Scripting (XSS)
WEBAPPS Author: Central InfoSec | 2021/04/14 |
MariaDB 10.2 /MySQL Exploit, 'wsrep_provider' OS Command Execution
LOCAL Author: Central InfoSec | 2021/04/14 |
Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Exploit, RCE
WEBAPPS Author: Jay Sharma | 2021/04/14 |
CITSmart ITSM 9.1.2.27 Exploit, 'query' Time-based Blind SQL Injection (Authenticated)
WEBAPPS Author: kysbs | 2021/04/14 |
CITSmart ITSM 9.1.2.22 Exploit, LDAP Injection
WEBAPPS Author: kysbs | 2021/04/14 |
Digital Crime Report Management System 1.0 Exploit, SQL Injection (Authentication Bypass)
WEBAPPS Author: aluhI | 2021/04/14 |
ExpressVPN VPN Router 1.0 Exploit, Router Login Panel's Integer Overflow
WEBAPPS Author: Jai Kumar Sharma | 2021/04/13 |
Blitar Tourism 1.0 Exploit, Authentication Bypass SQLi
WEBAPPS Author: igeri9 | 2021/04/13 |
Simple Student Information System 1.0 Exploit, SQL Injection (Authentication Bypass)
WEBAPPS Author: aluhI | 2021/04/13 |
vsftpd 2.3.4 Exploit, Backdoor Command Execution
REMOTE Author: erculesR | 2021/04/12 |
