2021-01-26 |
oracle weblogic server 12.2.1.0 - rce (unauthenticated)
|
webapps exploit |
java vulnerability |
2021-01-26 |
tenda ac5 ac1200 wireless - 'wifi name & password' stored cross site scripting
|
webapps exploit |
hardware vulnerability |
2021-01-26 |
simple college website 1.0 - 'full' stored cross site scripting
|
webapps exploit |
php vulnerability |
2021-01-26 |
simple college website 1.0 - 'name' sql injection (authentication bypass)
|
webapps exploit |
php vulnerability |
2021-01-26 |
cemetry mapping and information system 1.0 - 'user_email' sql injection (authentication bypass)
|
webapps exploit |
php vulnerability |
2021-01-25 |
klog server 2.4.1 - unauthenticated command injection (metasploit)
|
webapps exploit |
php vulnerability |
2021-01-25 |
library system 1.0 - 'category' sql injection
|
webapps exploit |
php vulnerability |
2021-01-25 |
casap automated enrollment system 1.0 - 'route' stored xss
|
webapps exploit |
php vulnerability |
2021-01-25 |
casap automated enrollment system 1.0 - 'first name' stored xss
|
webapps exploit |
php vulnerability |
2021-01-25 |
collabtive 3.1 - 'address' persistent cross-site scripting
|
webapps exploit |
php vulnerability |
2021-01-25 |
mybb timeline plugin 1.0 - cross-site scripting / csrf
|
webapps exploit |
php vulnerability |
2021-01-22 |
windows/x86 - download file (http://10.10.10.5:8080/2nwyfq9t.hta) via mshta + execute + stager shellcode (143 bytes)
|
shellcode exploit |
windows_x86 vulnerability |
2021-01-22 |
atlassian confluence widget connector macro - ssti
|
webapps exploit |
multiple vulnerability |
2021-01-22 |
erpnext 12.14.0 - sql injection (authenticated)
|
webapps exploit |
multiple vulnerability |
2021-01-22 |
casap automated enrollment system 1.0 - authentication bypass
|
webapps exploit |
php vulnerability |
2021-01-22 |
library system 1.0 - authentication bypass via sql injection
|
webapps exploit |
php vulnerability |
2021-01-22 |
oracle weblogic server 14.1.1.0 - rce (authenticated)
|
webapps exploit |
java vulnerability |
2021-01-22 |
selea targa ip ocr-anpr camera - 'addr' remote code execution (unauthenticated)
|
webapps exploit |
hardware vulnerability |
2021-01-22 |
selea targa ip ocr-anpr camera - rtp/rtsp/m-jpeg stream disclosure (unauthenticated)
|
webapps exploit |
hardware vulnerability |
2021-01-22 |
selea targa ip ocr-anpr camera - csrf add admin
|
webapps exploit |
hardware vulnerability |
2021-01-22 |
selea targa ip ocr-anpr camera - multiple ssrf (unauthenticated)
|
webapps exploit |
hardware vulnerability |
2021-01-22 |
selea targa ip ocr-anpr camera - directory traversal file disclosure (unauthenticated)
|
webapps exploit |
hardware vulnerability |
2021-01-22 |
selea targa ip ocr-anpr camera - developer backdoor config overwrite
|
webapps exploit |
hardware vulnerability |
2021-01-22 |
selea targa ip ocr-anpr camera - 'files_list' remote stored xss
|
webapps exploit |
hardware vulnerability |
2021-01-22 |
selea carplateserver (cps) 4.0.1.6 - local privilege escalation
|
local exploit |
windows vulnerability |
2021-01-22 |
selea carplateserver (cps) 4.0.1.6 - remote program execution
|
webapps exploit |
multiple vulnerability |
2021-01-21 |
anchor cms 0.12.7 - csrf (delete user)
|
webapps exploit |
multiple vulnerability |
2021-01-21 |
wordpress plugin simple job board 2.9.3 - authenticated file read (metasploit)
|
webapps exploit |
php vulnerability |
2021-01-21 |
nagios xi 5.7.5 - multiple persistent cross-site scripting
|
webapps exploit |
php vulnerability |
2021-01-21 |
apartment visitors management system 1.0 - 'email' sql injection
|
webapps exploit |
php vulnerability |
2021-01-21 |
online documents sharing platform 1.0 - 'user' sql injection
|
webapps exploit |
php vulnerability |
2021-01-20 |
linux/x86 - bind socat (0.0.0.0:1000/tcp) shell (bash) shellcode (113 bytes)
|
shellcode exploit |
linux_x86 vulnerability |
2021-01-20 |
voting system 1.0 - file upload rce (authenticated remote code execution)
|
webapps exploit |
php vulnerability |
2021-01-20 |
oracle business intelligence enterprise edition 11.1.1.7.140715 - stored xss
|
webapps exploit |
multiple vulnerability |
2021-01-20 |
churchrota 2.6.4 - rce (authenticated)
|
webapps exploit |
multiple vulnerability |
2021-01-19 |
osticket 1.14.2 - ssrf
|
webapps exploit |
php vulnerability |
2021-01-18 |
life insurance management system 1.0 - file upload rce (authenticated)
|
webapps exploit |
php vulnerability |
2021-01-18 |
life insurance management system 1.0 - 'client_id' sql injection
|
webapps exploit |
php vulnerability |
2021-01-18 |
inteno iopsys 3.16.4 - root filesystem access via sambashare (authenticated)
|
webapps exploit |
hardware vulnerability |
2021-01-18 |
xwiki cms 12.10.2 - cross site scripting (xss)
|
webapps exploit |
multiple vulnerability |
2021-01-18 |
cisco ucs manager 2.2(1d) - remote command execution
|
webapps exploit |
hardware vulnerability |
2021-01-15 |
netsia seba+ 0.16.1 - authentication bypass and add root user (metasploit)
|
webapps exploit |
multiple vulnerability |
2021-01-15 |
e-learning system 1.0 - authentication bypass & rce poc
|
webapps exploit |
php vulnerability |
2021-01-15 |
alumni management system 1.0 - "last name field in registration page" stored xss
|
webapps exploit |
php vulnerability |
2021-01-15 |
eyesofnetwork 5.3 - file upload remote code execution
|
webapps exploit |
multiple vulnerability |
2021-01-15 |
online hotel reservation system 1.0 - 'person' time-based sql injection
|
webapps exploit |
php vulnerability |
2021-01-15 |
online hotel reservation system 1.0 - cross-site request forgery (csrf)
|
webapps exploit |
php vulnerability |
2021-01-15 |
online hotel reservation system 1.0 - 'id' time-based sql injection
|
webapps exploit |
php vulnerability |
2021-01-15 |
online hotel reservation system 1.0 - 'description' stored cross-site scripting
|
webapps exploit |
php vulnerability |
2021-01-15 |
wordpress plugin easy contact form 1.1.7 - 'name' stored cross-site scripting (xss)
|
webapps exploit |
php vulnerability |