[local] mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory

July 28^th 2023 at 00:00

mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory

Exploit-DB Updates

[webapps] WordPress Plugin AN_Gradebook 5.0.1 - SQLi

July 28^th 2023 at 00:00

WordPress Plugin AN_Gradebook 5.0.1 - SQLi

Exploit-DB Updates

[webapps] RosarioSIS 10.8.4 - CSV Injection

July 28^th 2023 at 00:00

RosarioSIS 10.8.4 - CSV Injection

Exploit-DB Updates

[webapps] Perch v3.2 - Persistent Cross Site Scripting (XSS)

July 28^th 2023 at 00:00

Perch v3.2 - Persistent Cross Site Scripting (XSS)

Exploit-DB Updates

[webapps] October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)

July 28^th 2023 at 00:00

October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit-DB Updates

[local] Keeper Security desktop 16.10.2 & Browser Extension 16.5.4 - Password Dumping

July 28^th 2023 at 00:00

Keeper Security desktop 16.10.2 & Browser Extension 16.5.4 - Password Dumping

Exploit-DB Updates

[webapps] zomplog 3.9 - Remote Code Execution (RCE)

July 28^th 2023 at 00:00

zomplog 3.9 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] mooDating 1.2 - Reflected Cross-site scripting (XSS)

July 28^th 2023 at 00:00

mooDating 1.2 - Reflected Cross-site scripting (XSS)

Exploit-DB Updates

[webapps] Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS

July 28^th 2023 at 00:00

Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS

Exploit-DB Updates

[webapps] PaulPrinting CMS - (Search Delivery) Cross Site Scripting

July 20^th 2023 at 00:00

PaulPrinting CMS - (Search Delivery) Cross Site Scripting

Exploit-DB Updates

[webapps] Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

July 20^th 2023 at 00:00

Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

Exploit-DB Updates

[webapps] Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities

July 20^th 2023 at 00:00

Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities

Exploit-DB Updates

[webapps] Perch v3.2 - Stored XSS

July 21^st 2023 at 00:00

Perch v3.2 - Stored XSS

Exploit-DB Updates

[webapps] Perch v3.2 - Remote Code Execution (RCE)

July 21^st 2023 at 00:00

Perch v3.2 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] pfSense v2.7.0 - OS Command Injection

July 20^th 2023 at 00:00

pfSense v2.7.0 - OS Command Injection

Exploit-DB Updates

[webapps] Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection

July 20^th 2023 at 00:00

Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection

Exploit-DB Updates

[webapps] RWS WorldServer 11.7.3 - Session Token Enumeration

July 20^th 2023 at 00:00

RWS WorldServer 11.7.3 - Session Token Enumeration

Exploit-DB Updates

[remote] Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.

July 20^th 2023 at 00:00

Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.

Exploit-DB Updates

[webapps] PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

July 20^th 2023 at 00:00

PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

Exploit-DB Updates

[local] RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)

July 20^th 2023 at 00:00

RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)

Exploit-DB Updates

[webapps] Aures Booking & POS Terminal - Local Privilege Escalation

July 20^th 2023 at 00:00

Aures Booking & POS Terminal - Local Privilege Escalation

Exploit-DB Updates

[webapps] Webile v1.0.1 - Multiple Cross Site Scripting

July 20^th 2023 at 00:00

Webile v1.0.1 - Multiple Cross Site Scripting

Exploit-DB Updates

[webapps] Boom CMS v8.0.7 - Cross Site Scripting

July 20^th 2023 at 00:00

Boom CMS v8.0.7 - Cross Site Scripting

Exploit-DB Updates

[webapps] phpfm v1.7.9 - Authentication type juggling

July 19^th 2023 at 00:00

phpfm v1.7.9 - Authentication type juggling

Exploit-DB Updates

[webapps] Vaidya-Mitra 1.0 - Multiple SQLi

July 19^th 2023 at 00:00

Vaidya-Mitra 1.0 - Multiple SQLi

Exploit-DB Updates

[webapps] Statamic 4.7.0 - File-Inclusion

July 19^th 2023 at 00:00

Statamic 4.7.0 - File-Inclusion

Exploit-DB Updates

[webapps] Blackcat Cms v1.4 - Remote Code Execution (RCE)

July 19^th 2023 at 00:00

Blackcat Cms v1.4 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] PimpMyLog v1.7.14 - Improper access control

July 19^th 2023 at 00:00

PimpMyLog v1.7.14 - Improper access control

Exploit-DB Updates

[webapps] Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)

July 19^th 2023 at 00:00

Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI)

July 19^th 2023 at 00:00

CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI)

Exploit-DB Updates

[webapps] Blackcat Cms v1.4 - Stored XSS

July 19^th 2023 at 00:00

Blackcat Cms v1.4 - Stored XSS

Exploit-DB Updates

[webapps] CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)

July 19^th 2023 at 00:00

CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] TP-Link TL-WR740N - Authenticated Directory Transversal

July 19^th 2023 at 00:00

TP-Link TL-WR740N - Authenticated Directory Transversal

Exploit-DB Updates

[webapps] ABB FlowX v4.00 - Exposure of Sensitive Information

July 19^th 2023 at 00:00

ABB FlowX v4.00 - Exposure of Sensitive Information

Exploit-DB Updates

[webapps] Online Piggery Management System v1.0 - unauthenticated file upload vulnerability

July 19^th 2023 at 00:00

Online Piggery Management System v1.0 - unauthenticated file upload vulnerability

Exploit-DB Updates

[webapps] Joomla! com_booking component 2.4.9 - Information Leak (Account enumeration)

July 19^th 2023 at 00:00

Joomla! com_booking component 2.4.9 - Information Leak (Account enumeration)

Exploit-DB Updates

[remote] Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution

July 19^th 2023 at 00:00

Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution

Exploit-DB Updates

[webapps] CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting (XSS)

July 19^th 2023 at 00:00

CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[local] Microsoft Edge 114.0.1823.67 (64-bit) - Information Disclosure

July 6^th 2023 at 00:00

Microsoft Edge 114.0.1823.67 (64-bit) - Information Disclosure

Exploit-DB Updates

[webapps] ProjeQtOr Project Management System v10.4.1 - Multiple XSS

July 15^th 2023 at 00:00

ProjeQtOr Project Management System v10.4.1 - Multiple XSS

Exploit-DB Updates

[webapps] WinterCMS < 1.2.3 - Persistent Cross-Site Scripting

July 15^th 2023 at 00:00

WinterCMS

Exploit-DB Updates

[webapps] Icinga Web 2.10 - Authenticated Remote Code Execution

July 15^th 2023 at 00:00

Icinga Web 2.10 - Authenticated Remote Code Execution

Exploit-DB Updates

[local] XAMPP 8.2.4 - Unquoted Path

July 15^th 2023 at 00:00

XAMPP 8.2.4 - Unquoted Path

Exploit-DB Updates

[webapps] News Portal v4.0 - SQL Injection (Unauthorized)

July 15^th 2023 at 00:00

News Portal v4.0 - SQL Injection (Unauthorized)

Exploit-DB Updates

[webapps] Admidio v4.2.10 - Remote Code Execution (RCE)

July 15^th 2023 at 00:00

Admidio v4.2.10 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass

July 15^th 2023 at 00:00

Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass

Exploit-DB Updates

[webapps] Pluck v4.7.18 - Remote Code Execution (RCE)

July 15^th 2023 at 00:00

Pluck v4.7.18 - Remote Code Execution (RCE)

Exploit-DB Updates

[local] AVG Anti Spyware 7.5 - Unquoted Service Path "AVG Anti-Spyware Guard"

July 11^th 2023 at 00:00

AVG Anti Spyware 7.5 - Unquoted Service Path "AVG Anti-Spyware Guard"

Exploit-DB Updates

[local] MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path "MTSchedulerService"

July 11^th 2023 at 00:00

MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path "MTSchedulerService"

Exploit-DB Updates

[webapps] Ateme TITAN File 3.9 - SSRF File Enumeration

July 11^th 2023 at 00:00

Ateme TITAN File 3.9 - SSRF File Enumeration

Exploit-DB Updates

[webapps] Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)

July 11^th 2023 at 00:00

Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] BuildaGate5library v5 - Reflected Cross-Site Scripting (XSS)

July 11^th 2023 at 00:00

BuildaGate5library v5 - Reflected Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Spring Cloud 3.2.2 - Remote Command Execution (RCE)

July 11^th 2023 at 00:00

Spring Cloud 3.2.2 - Remote Command Execution (RCE)

Exploit-DB Updates

[webapps] Frappe Framework (ERPNext) 13.4.0 - Remote Code Execution (Authenticated)

July 11^th 2023 at 00:00

Frappe Framework (ERPNext) 13.4.0 - Remote Code Execution (Authenticated)

Exploit-DB Updates

[local] Game Jackal Server v5 - Unquoted Service Path "GJServiceV5"

July 11^th 2023 at 00:00

Game Jackal Server v5 - Unquoted Service Path "GJServiceV5"

Exploit-DB Updates

[local] MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path "MTAgentService"

July 11^th 2023 at 00:00

MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path "MTAgentService"

Exploit-DB Updates

[remote] Windows 10 v21H1 - HTTP Protocol Stack Remote Code Execution

July 7^th 2023 at 00:00

Windows 10 v21H1 - HTTP Protocol Stack Remote Code Execution

Exploit-DB Updates

[remote] Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit - Remote Code Execution

July 7^th 2023 at 00:00

Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit - Remote Code Execution

Exploit-DB Updates

[webapps] Faculty Evaluation System v1.0 - SQL Injection

July 7^th 2023 at 00:00

Faculty Evaluation System v1.0 - SQL Injection

Exploit-DB Updates

[webapps] Lost and Found Information System v1.0 - SQL Injection

July 6^th 2023 at 00:00

Lost and Found Information System v1.0 - SQL Injection