Login
FreshRSS
Login
Exploit-DB Updates
[local] (shellcode) Linux-x64 - create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]
February 28
th
2024 at 00:00
(shellcode) Linux-x64 - create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]
Exploit-DB Updates
[webapps] Blood Bank v1.0 - Multiple SQL Injection
February 28
th
2024 at 00:00
Blood Bank v1.0 - Multiple SQL Injection
Exploit-DB Updates
[webapps] WP Rocket < 2.10.3 - Local File Inclusion (LFI)
February 28
th
2024 at 00:00
WP Rocket
Exploit-DB Updates
[local] Saflok - Key Derication Function Exploit
February 28
th
2024 at 00:00
Saflok - Key Derication Function Exploit
Exploit-DB Updates
[webapps] WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection
February 28
th
2024 at 00:00
WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection
Exploit-DB Updates
[webapps] WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting (XSS)
February 28
th
2024 at 00:00
WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting (XSS)
Exploit-DB Updates
[remote] TEM Opera Plus FM Family Transmitter 35.45 - XSRF
February 27
th
2024 at 00:00
TEM Opera Plus FM Family Transmitter 35.45 - XSRF
Exploit-DB Updates
[webapps] Atlassian Confluence Data Center and Server - Authentication Bypass (Metasploit)
February 27
th
2024 at 00:00
Atlassian Confluence Data Center and Server - Authentication Bypass (Metasploit)
Exploit-DB Updates
[remote] TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution
February 27
th
2024 at 00:00
TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution
Exploit-DB Updates
[webapps] Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)
February 27
th
2024 at 00:00
Wordpress Plugin Canto
Exploit-DB Updates
[webapps] Moodle 4.3 - Reflected XSS
February 27
th
2024 at 00:00
Moodle 4.3 - Reflected XSS
Exploit-DB Updates
[remote] Executables Created with perl2exe < V30.10C - Arbitrary Code Execution
February 27
th
2024 at 00:00
Executables Created with perl2exe
Exploit-DB Updates
[webapps] Zoo Management System 1.0 - Unauthenticated RCE
February 27
th
2024 at 00:00
Zoo Management System 1.0 - Unauthenticated RCE
Exploit-DB Updates
[webapps] Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin
February 27
th
2024 at 00:00
Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin
Exploit-DB Updates
[webapps] dawa-pharma 1.0-2022 - Multiple-SQLi
February 27
th
2024 at 00:00
dawa-pharma 1.0-2022 - Multiple-SQLi
Exploit-DB Updates
[webapps] Moodle 4.3 - Insecure Direct Object Reference
February 27
th
2024 at 00:00
Moodle 4.3 - Insecure Direct Object Reference
Exploit-DB Updates
[webapps] Automatic-Systems SOC FL9600 FastLine - Directory Transversal
February 27
th
2024 at 00:00
Automatic-Systems SOC FL9600 FastLine - Directory Transversal
Exploit-DB Updates
[webapps] SuperStoreFinder - Multiple Vulnerabilities
February 27
th
2024 at 00:00
SuperStoreFinder - Multiple Vulnerabilities
Exploit-DB Updates
[remote] Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'
February 26
th
2024 at 00:00
Wyrestorm Apollo VX20
Exploit-DB Updates
[webapps] Online Shopping System Advanced - Sql Injection
February 26
th
2024 at 00:00
Online Shopping System Advanced - Sql Injection
Exploit-DB Updates
[webapps] comments-like-dislike < 1.2.0 - Authenticated (Subscriber+) Plugin Setting Reset
February 26
th
2024 at 00:00
comments-like-dislike
Exploit-DB Updates
[remote] IBM i Access Client Solutions v1.1.2 - 1.1.4, v1.1.4.3 - 1.1.9.4 - Remote Credential Theft
February 26
th
2024 at 00:00
IBM i Access Client Solutions v1.1.2 - 1.1.4, v1.1.4.3 - 1.1.9.4 - Remote Credential Theft
Exploit-DB Updates
[dos] Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'DoS'
February 26
th
2024 at 00:00
Wyrestorm Apollo VX20
Exploit-DB Updates
[remote] Flashcard Quiz App v1.0 - 'card' SQL Injection
February 26
th
2024 at 00:00
Flashcard Quiz App v1.0 - 'card' SQL Injection
Exploit-DB Updates
[remote] Wyrestorm Apollo VX20 < 1.3.58 - Account Enumeration
February 26
th
2024 at 00:00
Wyrestorm Apollo VX20
Exploit-DB Updates
[webapps] taskhub 2.8.7 - SQL Injection
February 26
th
2024 at 00:00
taskhub 2.8.7 - SQL Injection
Exploit-DB Updates
[remote] FAQ Management System v1.0 - 'faq' SQL Injection
February 26
th
2024 at 00:00
FAQ Management System v1.0 - 'faq' SQL Injection
Exploit-DB Updates
[remote] Simple Inventory Management System v1.0 - 'email' SQL Injection
February 26
th
2024 at 00:00
Simple Inventory Management System v1.0 - 'email' SQL Injection
Exploit-DB Updates
[webapps] WEBIGniter v28.7.23 - Stored Cross Site Scripting (XSS)
February 21
st
2024 at 00:00
WEBIGniter v28.7.23 - Stored Cross Site Scripting (XSS)
Exploit-DB Updates
[webapps] phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit
February 19
th
2024 at 00:00
phpFox
Exploit-DB Updates
[webapps] SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration
February 19
th
2024 at 00:00
SureMDM On-premise
Exploit-DB Updates
[webapps] Employee Management System v1 - 'email' SQL Injection
February 19
th
2024 at 00:00
Employee Management System v1 - 'email' SQL Injection
Exploit-DB Updates
[webapps] JFrog Artifactory < 7.25.4 - Blind SQL Injection
February 19
th
2024 at 00:00
JFrog Artifactory
Exploit-DB Updates
[local] Microsoft Windows Defender - VBScript Detection Bypass
February 19
th
2024 at 00:00
Microsoft Windows Defender - VBScript Detection Bypass
Exploit-DB Updates
[webapps] Wondercms 4.3.2 - XSS to RCE
February 19
th
2024 at 00:00
Wondercms 4.3.2 - XSS to RCE
Exploit-DB Updates
[dos] XAMPP - Buffer Overflow POC
February 19
th
2024 at 00:00
XAMPP - Buffer Overflow POC
Exploit-DB Updates
[local] Microsoft Windows Defender Bypass - Detection Mitigation Bypass
February 19
th
2024 at 00:00
Microsoft Windows Defender Bypass - Detection Mitigation Bypass
Exploit-DB Updates
[webapps] Metabase 0.46.6 - Pre-Auth Remote Code Execution
February 15
th
2024 at 00:00
Metabase 0.46.6 - Pre-Auth Remote Code Execution
Exploit-DB Updates
[local] DS Wireless Communication - Remote Code Execution
February 15
th
2024 at 00:00
DS Wireless Communication - Remote Code Execution
Exploit-DB Updates
[webapps] SISQUALWFM 7.1.319.103 - Host Header Injection
February 15
th
2024 at 00:00
SISQUALWFM 7.1.319.103 - Host Header Injection
Exploit-DB Updates
[webapps] Splunk 9.0.4 - Information Disclosure
February 13
th
2024 at 00:00
Splunk 9.0.4 - Information Disclosure
Exploit-DB Updates
[webapps] ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure
February 13
th
2024 at 00:00
ManageEngine ADManager Plus Build
Exploit-DB Updates
[webapps] Lost and Found Information System v1.0 - ( IDOR ) leads to Account Take over
February 13
th
2024 at 00:00
Lost and Found Information System v1.0 - ( IDOR ) leads to Account Take over
Exploit-DB Updates
[dos] VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service
February 13
th
2024 at 00:00
VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service
Exploit-DB Updates
[webapps] Wordpress Seotheme - Remote Code Execution Unauthenticated
February 9
th
2024 at 00:00
Wordpress Seotheme - Remote Code Execution Unauthenticated
Exploit-DB Updates
[webapps] Wordpress Augmented-Reality - Remote Code Execution Unauthenticated
February 9
th
2024 at 00:00
Wordpress Augmented-Reality - Remote Code Execution Unauthenticated
Exploit-DB Updates
[dos] Elasticsearch - StackOverflow DoS
February 9
th
2024 at 00:00
Elasticsearch - StackOverflow DoS
Exploit-DB Updates
[webapps] Online Nurse Hiring System 1.0 - Time-Based SQL Injection
February 9
th
2024 at 00:00
Online Nurse Hiring System 1.0 - Time-Based SQL Injection
Exploit-DB Updates
[remote] Zyxel zysh - Format string
February 9
th
2024 at 00:00
Zyxel zysh - Format string
Exploit-DB Updates
[webapps] Rail Pass Management System 1.0 - Time-Based SQL Injection
February 9
th
2024 at 00:00
Rail Pass Management System 1.0 - Time-Based SQL Injection
Exploit-DB Updates
[webapps] Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting (XSS) (Authenticated)
February 9
th
2024 at 00:00
Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit-DB Updates
[webapps] Wordpress 'simple urls' Plugin < 115 - XSS
February 5
th
2024 at 00:00
Wordpress 'simple urls' Plugin
Exploit-DB Updates
[webapps] Curfew e-Pass Management System 1.0 - FromDate SQL Injection
February 5
th
2024 at 00:00
Curfew e-Pass Management System 1.0 - FromDate SQL Injection
Exploit-DB Updates
[webapps] GYM MS - GYM Management System - Cross Site Scripting (Stored)
February 5
th
2024 at 00:00
GYM MS - GYM Management System - Cross Site Scripting (Stored)
Exploit-DB Updates
[remote] Milesight Routers UR5X, UR32L, UR32, UR35, UR41 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption
February 5
th
2024 at 00:00
Milesight Routers UR5X, UR32L, UR32, UR35, UR41 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption
Exploit-DB Updates
[webapps] TASKHUB-2.8.8 - XSS-Reflected
February 5
th
2024 at 00:00
TASKHUB-2.8.8 - XSS-Reflected
Exploit-DB Updates
[webapps] WhatsUp Gold 2022 (22.1.0 Build 39) - XSS
February 5
th
2024 at 00:00
WhatsUp Gold 2022 (22.1.0 Build 39) - XSS
Exploit-DB Updates
[webapps] MISP 2.4.171 - Stored XSS
February 5
th
2024 at 00:00
MISP 2.4.171 - Stored XSS
Exploit-DB Updates
[webapps] Clinic's Patient Management System 1.0 - Unauthenticated RCE
February 5
th
2024 at 00:00
Clinic's Patient Management System 1.0 - Unauthenticated RCE
Exploit-DB Updates
[webapps] Electrolink FM/DAB/TV Transmitter - Pre-Auth MPFS Image Remote Code Execution
February 2
nd
2024 at 00:00
Electrolink FM/DAB/TV Transmitter - Pre-Auth MPFS Image Remote Code Execution
Load more articles