FreshRSS

๐Ÿ”’
โŒ About FreshRSS
โ˜ท
โ–ณ ๐Ÿ”ƒ
There are new available articles, click to refresh the page.
Before yesterdayExploit-DB Updates

[local] NCH Express Invoice - Clear Text Password Storage and Account Takeover

NCH Express Invoice - Clear Text Password Storage and Account Takeover
  • June 23rd 2023 at 00:00
  • โ†—

[webapps] MCL-Net 4.3.5.8788 - Information Disclosure

MCL-Net 4.3.5.8788 - Information Disclosure
  • June 23rd 2023 at 00:00
  • โ†—

[webapps] Smart Office Web 20.28 - Remote Information Disclosure (Unauthenticated)

Smart Office Web 20.28 - Remote Information Disclosure (Unauthenticated)
  • June 22nd 2023 at 00:00
  • โ†—

[remote] Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing

Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing
  • June 22nd 2023 at 00:00
  • โ†—

[webapps] HiSecOS 04.0.01 - Privilege Escalation

HiSecOS 04.0.01 - Privilege Escalation
  • June 21st 2023 at 00:00
  • โ†—

[webapps] Super Socializer 7.13.52 - Reflected XSS

Super Socializer 7.13.52 - Reflected XSS
  • June 20th 2023 at 00:00
  • โ†—

[webapps] WP Sticky Social 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting (XSS)

WP Sticky Social 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting (XSS)
  • June 20th 2023 at 00:00
  • โ†—

[webapps] SPIP v4.2.0 - Remote Code Execution (Unauthenticated)

SPIP v4.2.0 - Remote Code Execution (Unauthenticated)
  • June 20th 2023 at 00:00
  • โ†—

[remote] Nokia ASIKA 7.13.52 - Hard-coded private key disclosure

Nokia ASIKA 7.13.52 - Hard-coded private key disclosure
  • June 20th 2023 at 00:00
  • โ†—

[webapps] Symantec SiteMinder WebAgent v12.52 - Cross-site scripting (XSS)

Symantec SiteMinder WebAgent v12.52 - Cross-site scripting (XSS)
  • June 19th 2023 at 00:00
  • โ†—

[webapps] Student Study Center Management System v1.0 - Stored Cross-Site Scripting (XSS)

Student Study Center Management System v1.0 - Stored Cross-Site Scripting (XSS)
  • June 19th 2023 at 00:00
  • โ†—

[webapps] The Shop v2.5 - SQL Injection

The Shop v2.5 - SQL Injection
  • June 19th 2023 at 00:00
  • โ†—

[webapps] Jobpilot v2.61 - SQL Injection

Jobpilot v2.61 - SQL Injection
  • June 19th 2023 at 00:00
  • โ†—

[webapps] Diafan CMS 6.0 - Reflected Cross-Site Scripting (XSS)

Diafan CMS 6.0 - Reflected Cross-Site Scripting (XSS)
  • June 19th 2023 at 00:00
  • โ†—

[webapps] Groomify v1.0 - SQL Injection

Groomify v1.0 - SQL Injection
  • June 19th 2023 at 00:00
  • โ†—

[webapps] WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password

WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password
  • June 19th 2023 at 00:00
  • โ†—

[webapps] Online Art gallery project 1.0 - Arbitrary File Upload (Unauthenticated)

Online Art gallery project 1.0 - Arbitrary File Upload (Unauthenticated)
  • June 15th 2023 at 00:00
  • โ†—

[webapps] PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)

PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)
  • June 14th 2023 at 00:00
  • โ†—

[webapps] Textpattern CMS v4.8.8 - Stored Cross-Site Scripting (XSS) (Authenticated)

Textpattern CMS v4.8.8 - Stored Cross-Site Scripting (XSS) (Authenticated)
  • June 14th 2023 at 00:00
  • โ†—

[webapps] Xoops CMS 2.5.10 - Stored Cross-Site Scripting (XSS) (Authenticated)

Xoops CMS 2.5.10 - Stored Cross-Site Scripting (XSS) (Authenticated)
  • June 14th 2023 at 00:00
  • โ†—

[webapps] projectSend r1605 - Stored XSS

projectSend r1605 - Stored XSS
  • June 14th 2023 at 00:00
  • โ†—

[webapps] Online Thesis Archiving System v1.0 - Multiple-SQLi

Online Thesis Archiving System v1.0 - Multiple-SQLi
  • June 14th 2023 at 00:00
  • โ†—

[remote] Anevia Flamingo XL 3.2.9 - Remote Root Jailbreak

Anevia Flamingo XL 3.2.9 - Remote Root Jailbreak
  • June 14th 2023 at 00:00
  • โ†—

[webapps] projectSend r1605 - CSV injection

projectSend r1605 - CSV injection
  • June 14th 2023 at 00:00
  • โ†—

[remote] Anevia Flamingo XS 3.6.5 - Authenticated Root Remote Code Execution

Anevia Flamingo XS 3.6.5 - Authenticated Root Remote Code Execution
  • June 14th 2023 at 00:00
  • โ†—

[webapps] PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)

PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)
  • June 14th 2023 at 00:00
  • โ†—

[webapps] Monstra 3.0.4 - Stored Cross-Site Scripting (XSS)

Monstra 3.0.4 - Stored Cross-Site Scripting (XSS)
  • June 14th 2023 at 00:00
  • โ†—

[remote] Anevia Flamingo XL 3.6.20 - Authenticated Root Remote Code Execution

Anevia Flamingo XL 3.6.20 - Authenticated Root Remote Code Execution
  • June 14th 2023 at 00:00
  • โ†—

[webapps] Sales Tracker Management System v1.0 - Multiple Vulnerabilities

Sales Tracker Management System v1.0 - Multiple Vulnerabilities
  • June 13th 2023 at 00:00
  • โ†—

[webapps] Teachers Record Management System 1.0 - File Upload Type Validation

Teachers Record Management System 1.0 - File Upload Type Validation
  • June 13th 2023 at 00:00
  • โ†—

[webapps] Online Examination System Project 1.0 - Cross-site request forgery (CSRF)

Online Examination System Project 1.0 - Cross-site request forgery (CSRF)
  • June 13th 2023 at 00:00
  • โ†—

[webapps] Thruk Monitoring Web Interface 3.06 - Path Traversal

Thruk Monitoring Web Interface 3.06 - Path Traversal
  • June 9th 2023 at 00:00
  • โ†—

[local] USB Flash Drives Control 4.1.0.0 - Unquoted Service Path

USB Flash Drives Control 4.1.0.0 - Unquoted Service Path
  • June 7th 2023 at 00:00
  • โ†—

[webapps] Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)

Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)
  • June 6th 2023 at 00:00
  • โ†—

[local] Macro Expert 4.9 - Unquoted Service Path

Macro Expert 4.9 - Unquoted Service Path
  • June 6th 2023 at 00:00
  • โ†—

[webapps] Barebones CMS v2.0.2 - Stored Cross-Site Scripting (XSS) (Authenticated)

Barebones CMS v2.0.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
  • June 4th 2023 at 00:00
  • โ†—

[webapps] Enrollment System Project v1.0 - SQL Injection Authentication Bypass (SQLI)

Enrollment System Project v1.0 - SQL Injection Authentication Bypass (SQLI)
  • June 4th 2023 at 00:00
  • โ†—

[webapps] MotoCMS Version 3.4.3 - SQL Injection

MotoCMS Version 3.4.3 - SQL Injection
  • June 4th 2023 at 00:00
  • โ†—

[webapps] Total CMS 1.7.4 - Remote Code Execution (RCE)

Total CMS 1.7.4 - Remote Code Execution (RCE)
  • June 4th 2023 at 00:00
  • โ†—

[webapps] File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution (RCE)

File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution (RCE)
  • June 4th 2023 at 00:00
  • โ†—

[webapps] STARFACE 7.3.0.10 - Authentication with Password Hash Possible

STARFACE 7.3.0.10 - Authentication with Password Hash Possible
  • June 4th 2023 at 00:00
  • โ†—

[webapps] Rukovoditel 3.3.1 - CSV injection

Rukovoditel 3.3.1 - CSV injection
  • May 31st 2023 at 00:00
  • โ†—

[remote] Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)

Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)
  • May 31st 2023 at 00:00
  • โ†—

[webapps] Pydio Cells 4.1.2 - Server-Side Request Forgery

Pydio Cells 4.1.2 - Server-Side Request Forgery
  • May 31st 2023 at 00:00
  • โ†—

[webapps] Online Security Guards Hiring System 1.0 - Reflected XSS

Online Security Guards Hiring System 1.0 - Reflected XSS
  • May 31st 2023 at 00:00
  • โ†—

[webapps] Pydio Cells 4.1.2 - Cross-Site Scripting (XSS) via File Download

Pydio Cells 4.1.2 - Cross-Site Scripting (XSS) via File Download
  • May 31st 2023 at 00:00
  • โ†—

[webapps] MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)

MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)
  • May 31st 2023 at 00:00
  • โ†—

[webapps] SCRMS 2023-05-27 1.0 - Multiple SQL Injection

SCRMS 2023-05-27 1.0 - Multiple SQL Injection
  • May 31st 2023 at 00:00
  • โ†—

[webapps] Pydio Cells 4.1.2 - Unauthorised Role Assignments

Pydio Cells 4.1.2 - Unauthorised Role Assignments
  • May 31st 2023 at 00:00
  • โ†—

[webapps] unilogies/bumsys v1.0.3 beta - Unrestricted File Upload

unilogies/bumsys v1.0.3 beta - Unrestricted File Upload
  • May 31st 2023 at 00:00
  • โ†—

[webapps] Faculty Evaluation System 1.0 - Unauthenticated File Upload

Faculty Evaluation System 1.0 - Unauthenticated File Upload
  • May 31st 2023 at 00:00
  • โ†—

[webapps] Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)

Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)
  • May 26th 2023 at 00:00
  • โ†—

[webapps] WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS)

WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS)
  • May 25th 2023 at 00:00
  • โ†—

[remote] Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution (Metasploit)

Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution (Metasploit)
  • May 25th 2023 at 00:00
  • โ†—

[local] Filmora 12 version ( Build 1.0.0.7) - Unquoted Service Paths Privilege Escalation

Filmora 12 version ( Build 1.0.0.7) - Unquoted Service Paths Privilege Escalation
  • May 25th 2023 at 00:00
  • โ†—

[webapps] SCM Manager 1.60 - Cross-Site Scripting Stored (Authenticated)

SCM Manager 1.60 - Cross-Site Scripting Stored (Authenticated)
  • May 25th 2023 at 00:00
  • โ†—

[webapps] Ulicms 2023.1 - create admin user via mass assignment

Ulicms 2023.1 - create admin user via mass assignment
  • May 25th 2023 at 00:00
  • โ†—

[webapps] Zenphoto 1.6 - Multiple stored XSS

Zenphoto 1.6 - Multiple stored XSS
  • May 25th 2023 at 00:00
  • โ†—
โŒ