[webapps] Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access

August 4^th 2023 at 00:00

Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access

Exploit-DB Updates

[webapps] WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS

August 4^th 2023 at 00:00

WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS

Exploit-DB Updates

[dos] Xlight FTP Server 3.9.3.6 - 'Stack Buffer Overflow' (DOS)

August 4^th 2023 at 00:00

Xlight FTP Server 3.9.3.6 - 'Stack Buffer Overflow' (DOS)

Exploit-DB Updates

[webapps] Webedition CMS v2.9.8.8 - Remote Code Execution (RCE)

August 4^th 2023 at 00:00

Webedition CMS v2.9.8.8 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] WordPress adivaha Travel Plugin 2.3 - SQL Injection

August 4^th 2023 at 00:00

WordPress adivaha Travel Plugin 2.3 - SQL Injection

Exploit-DB Updates

[webapps] PHPJabbers Night Club Booking 1.0 - Reflected XSS

August 4^th 2023 at 00:00

PHPJabbers Night Club Booking 1.0 - Reflected XSS

Exploit-DB Updates

[webapps] Joomla JLex Review 6.0.1 - Reflected XSS

August 4^th 2023 at 00:00

Joomla JLex Review 6.0.1 - Reflected XSS

Exploit-DB Updates

[webapps] PHPJabbers Taxi Booking 2.0 - Reflected XSS

August 4^th 2023 at 00:00

PHPJabbers Taxi Booking 2.0 - Reflected XSS

Exploit-DB Updates

[webapps] PHPJabbers Service Booking Script 1.0 - Reflected XSS

August 4^th 2023 at 00:00

PHPJabbers Service Booking Script 1.0 - Reflected XSS

Exploit-DB Updates

[webapps] Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Post Access via IDOR

August 4^th 2023 at 00:00

Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Post Access via IDOR

Exploit-DB Updates

[webapps] Campcodes Online Matrimonial Website System v3.3 - Code Execution via malicious SVG file upload

August 4^th 2023 at 00:00

Campcodes Online Matrimonial Website System v3.3 - Code Execution via malicious SVG file upload

Exploit-DB Updates

[webapps] PHPJabbers Rental Property Booking 2.0 - Reflected XSS

August 4^th 2023 at 00:00

PHPJabbers Rental Property Booking 2.0 - Reflected XSS

Exploit-DB Updates

[webapps] PHPJabbers Shuttle Booking Software 1.0 - Reflected XSS

August 4^th 2023 at 00:00

PHPJabbers Shuttle Booking Software 1.0 - Reflected XSS

Exploit-DB Updates

[remote] ReyeeOS 1.204.1614 - MITM Remote Code Execution (RCE)

August 4^th 2023 at 00:00

ReyeeOS 1.204.1614 - MITM Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] Academy LMS 6.0 - Reflected XSS

August 4^th 2023 at 00:00

Academy LMS 6.0 - Reflected XSS

Exploit-DB Updates

[webapps] Webutler v3.2 - Remote Code Execution (RCE)

August 4^th 2023 at 00:00

Webutler v3.2 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] Ozeki SMS Gateway 10.3.208 - Arbitrary File Read (Unauthenticated)

August 4^th 2023 at 00:00

Ozeki SMS Gateway 10.3.208 - Arbitrary File Read (Unauthenticated)

Exploit-DB Updates

[webapps] PHPJabbers Cleaning Business 1.0 - Reflected XSS

August 4^th 2023 at 00:00

PHPJabbers Cleaning Business 1.0 - Reflected XSS

Exploit-DB Updates

[webapps] WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution

August 4^th 2023 at 00:00

WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution

Exploit-DB Updates

[webapps] WordPress adivaha Travel Plugin 2.3 - Reflected XSS

August 4^th 2023 at 00:00

WordPress adivaha Travel Plugin 2.3 - Reflected XSS

Exploit-DB Updates

[remote] Shelly PRO 4PM v0.11.0 - Authentication Bypass

August 4^th 2023 at 00:00

Shelly PRO 4PM v0.11.0 - Authentication Bypass

Exploit-DB Updates

[webapps] Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated)

July 31^st 2023 at 00:00

Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated)

Exploit-DB Updates

[webapps] Joomla iProperty Real Estate 4.1.1 - Reflected XSS

July 31^st 2023 at 00:00

Joomla iProperty Real Estate 4.1.1 - Reflected XSS

Exploit-DB Updates

[webapps] Joomla Solidres 2.13.3 - Reflected XSS

July 31^st 2023 at 00:00

Joomla Solidres 2.13.3 - Reflected XSS

Exploit-DB Updates

[local] General Device Manager 2.5.2.2 - Buffer Overflow (SEH)

July 31^st 2023 at 00:00

General Device Manager 2.5.2.2 - Buffer Overflow (SEH)

Exploit-DB Updates

[webapps] copyparty v1.8.6 - Reflected Cross Site Scripting (XSS)

July 28^th 2023 at 00:00

copyparty v1.8.6 - Reflected Cross Site Scripting (XSS)

Exploit-DB Updates

[webapps] Zomplog 3.9 - Cross-site scripting (XSS)

July 28^th 2023 at 00:00

Zomplog 3.9 - Cross-site scripting (XSS)

Exploit-DB Updates

[webapps] Joomla HikaShop 4.7.4 - Reflected XSS

July 28^th 2023 at 00:00

Joomla HikaShop 4.7.4 - Reflected XSS

Exploit-DB Updates

[webapps] copyparty 1.8.2 - Directory Traversal

July 28^th 2023 at 00:00

copyparty 1.8.2 - Directory Traversal

Exploit-DB Updates

[local] GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution

July 28^th 2023 at 00:00

GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution

Exploit-DB Updates

[webapps] Availability Booking Calendar v1.0 - Multiple Cross-site scripting (XSS)

July 28^th 2023 at 00:00

Availability Booking Calendar v1.0 - Multiple Cross-site scripting (XSS)

Exploit-DB Updates

[local] mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory

July 28^th 2023 at 00:00

mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory

Exploit-DB Updates

[webapps] WordPress Plugin AN_Gradebook 5.0.1 - SQLi

July 28^th 2023 at 00:00

WordPress Plugin AN_Gradebook 5.0.1 - SQLi

Exploit-DB Updates

[webapps] RosarioSIS 10.8.4 - CSV Injection

July 28^th 2023 at 00:00

RosarioSIS 10.8.4 - CSV Injection

Exploit-DB Updates

[webapps] Perch v3.2 - Persistent Cross Site Scripting (XSS)

July 28^th 2023 at 00:00

Perch v3.2 - Persistent Cross Site Scripting (XSS)

Exploit-DB Updates

[webapps] October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)

July 28^th 2023 at 00:00

October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit-DB Updates

[local] Keeper Security desktop 16.10.2 & Browser Extension 16.5.4 - Password Dumping

July 28^th 2023 at 00:00

Keeper Security desktop 16.10.2 & Browser Extension 16.5.4 - Password Dumping

Exploit-DB Updates

[webapps] zomplog 3.9 - Remote Code Execution (RCE)

July 28^th 2023 at 00:00

zomplog 3.9 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] mooDating 1.2 - Reflected Cross-site scripting (XSS)

July 28^th 2023 at 00:00

mooDating 1.2 - Reflected Cross-site scripting (XSS)

Exploit-DB Updates

[webapps] Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS

July 28^th 2023 at 00:00

Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS

Exploit-DB Updates

[webapps] PaulPrinting CMS - (Search Delivery) Cross Site Scripting

July 20^th 2023 at 00:00

PaulPrinting CMS - (Search Delivery) Cross Site Scripting

Exploit-DB Updates

[webapps] Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

July 20^th 2023 at 00:00

Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

Exploit-DB Updates

[webapps] Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities

July 20^th 2023 at 00:00

Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities

Exploit-DB Updates

[webapps] Perch v3.2 - Stored XSS

July 21^st 2023 at 00:00

Perch v3.2 - Stored XSS

Exploit-DB Updates

[webapps] Perch v3.2 - Remote Code Execution (RCE)

July 21^st 2023 at 00:00

Perch v3.2 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] pfSense v2.7.0 - OS Command Injection

July 20^th 2023 at 00:00

pfSense v2.7.0 - OS Command Injection

Exploit-DB Updates

[webapps] Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection

July 20^th 2023 at 00:00

Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection

Exploit-DB Updates

[webapps] RWS WorldServer 11.7.3 - Session Token Enumeration

July 20^th 2023 at 00:00

RWS WorldServer 11.7.3 - Session Token Enumeration

Exploit-DB Updates

[remote] Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.

July 20^th 2023 at 00:00

Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.

Exploit-DB Updates

[webapps] PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

July 20^th 2023 at 00:00

PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

Exploit-DB Updates

[local] RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)

July 20^th 2023 at 00:00

RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)

Exploit-DB Updates

[webapps] Aures Booking & POS Terminal - Local Privilege Escalation

July 20^th 2023 at 00:00

Aures Booking & POS Terminal - Local Privilege Escalation

Exploit-DB Updates

[webapps] Webile v1.0.1 - Multiple Cross Site Scripting

July 20^th 2023 at 00:00

Webile v1.0.1 - Multiple Cross Site Scripting

Exploit-DB Updates

[webapps] Boom CMS v8.0.7 - Cross Site Scripting

July 20^th 2023 at 00:00

Boom CMS v8.0.7 - Cross Site Scripting

Exploit-DB Updates

[webapps] phpfm v1.7.9 - Authentication type juggling

July 19^th 2023 at 00:00

phpfm v1.7.9 - Authentication type juggling

Exploit-DB Updates

[webapps] Vaidya-Mitra 1.0 - Multiple SQLi

July 19^th 2023 at 00:00

Vaidya-Mitra 1.0 - Multiple SQLi

Exploit-DB Updates

[webapps] Statamic 4.7.0 - File-Inclusion

July 19^th 2023 at 00:00

Statamic 4.7.0 - File-Inclusion

Exploit-DB Updates

[webapps] Blackcat Cms v1.4 - Remote Code Execution (RCE)

July 19^th 2023 at 00:00

Blackcat Cms v1.4 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] PimpMyLog v1.7.14 - Improper access control

July 19^th 2023 at 00:00

PimpMyLog v1.7.14 - Improper access control

Exploit-DB Updates

[webapps] Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)

July 19^th 2023 at 00:00

Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)