Login
FreshRSS
Login
Exploit-DB Updates
[webapps] WordPress Plugin Duplicator < 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover
March 11
th
2024 at 00:00
WordPress Plugin Duplicator
Exploit-DB Updates
[local] Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass
March 11
th
2024 at 00:00
Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass
Exploit-DB Updates
[webapps] Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore < 14.8.7825.01 - IDOR
March 11
th
2024 at 00:00
Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore
Exploit-DB Updates
[webapps] Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier - Arbitrary File Read
March 11
th
2024 at 00:00
Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier - Arbitrary File Read
Exploit-DB Updates
[webapps] DataCube3 v1.0 - Unrestricted file upload 'RCE'
March 10
th
2024 at 00:00
DataCube3 v1.0 - Unrestricted file upload 'RCE'
Exploit-DB Updates
[webapps] Ladder v0.0.21 - Server-side request forgery (SSRF)
March 10
th
2024 at 00:00
Ladder v0.0.21 - Server-side request forgery (SSRF)
Exploit-DB Updates
[webapps] Akaunting < 3.1.3 - RCE
March 10
th
2024 at 00:00
Akaunting
Exploit-DB Updates
[webapps] Numbas < v7.3 - Remote Code Execution
March 10
th
2024 at 00:00
Numbas
Exploit-DB Updates
[webapps] Hide My WP < 6.2.9 - Unauthenticated SQLi
March 10
th
2024 at 00:00
Hide My WP
Exploit-DB Updates
[webapps] TP-Link TL-WR740N - Buffer Overflow 'DOS'
March 10
th
2024 at 00:00
TP-Link TL-WR740N - Buffer Overflow 'DOS'
Exploit-DB Updates
[webapps] GLiNet - Router Authentication Bypass
March 6
th
2024 at 00:00
GLiNet - Router Authentication Bypass
Exploit-DB Updates
[webapps] CSZ CMS Version 1.3.0 - Authenticated Remote Command Execution
March 6
th
2024 at 00:00
CSZ CMS Version 1.3.0 - Authenticated Remote Command Execution
Exploit-DB Updates
[webapps] elFinder Web file manager Version - 2.1.53 Remote Command Execution
March 6
th
2024 at 00:00
elFinder Web file manager Version - 2.1.53 Remote Command Execution
Exploit-DB Updates
[webapps] Lot Reservation Management System - Unauthenticated File Disclosure
March 6
th
2024 at 00:00
Lot Reservation Management System - Unauthenticated File Disclosure
Exploit-DB Updates
[webapps] CVE-2023-50071 - Multiple SQL Injection
March 6
th
2024 at 00:00
CVE-2023-50071 - Multiple SQL Injection
Exploit-DB Updates
[webapps] Lot Reservation Management System - Unauthenticated File Upload and Remote Code Execution
March 6
th
2024 at 00:00
Lot Reservation Management System - Unauthenticated File Upload and Remote Code Execution
Exploit-DB Updates
[webapps] Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS
March 5
th
2024 at 00:00
Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS
Exploit-DB Updates
[webapps] kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition
March 5
th
2024 at 00:00
kk Star Ratings
Exploit-DB Updates
[webapps] Neontext Wordpress Plugin - Stored XSS
March 5
th
2024 at 00:00
Neontext Wordpress Plugin - Stored XSS
Exploit-DB Updates
[remote] TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution
March 3
rd
2024 at 00:00
TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution
Exploit-DB Updates
[remote] Simple Student Attendance System v1.0 - 'classid' Time Based Blind & Union Based SQL Injection
March 3
rd
2024 at 00:00
Simple Student Attendance System v1.0 - 'classid' Time Based Blind & Union Based SQL Injection
Exploit-DB Updates
[webapps] Easywall 0.3.1 - Authenticated Remote Command Execution
March 3
rd
2024 at 00:00
Easywall 0.3.1 - Authenticated Remote Command Execution
Exploit-DB Updates
[local] A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc
March 3
rd
2024 at 00:00
A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc
Exploit-DB Updates
[remote] TPC-110W - Missing Authentication for Critical Function
March 3
rd
2024 at 00:00
TPC-110W - Missing Authentication for Critical Function
Exploit-DB Updates
[remote] Simple Student Attendance System v1.0 - Time Based Blind SQL Injection
March 3
rd
2024 at 00:00
Simple Student Attendance System v1.0 - Time Based Blind SQL Injection
Exploit-DB Updates
[remote] GL.iNet AR300M v4.3.7 Remote Code Execution - CVE-2023-46454 Exploit
March 3
rd
2024 at 00:00
GL.iNet AR300M v4.3.7 Remote Code Execution - CVE-2023-46454 Exploit
Exploit-DB Updates
[remote] Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting
March 3
rd
2024 at 00:00
Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting
Exploit-DB Updates
[local] Windows PowerShell - Event Log Bypass Single Quote Code Execution
March 3
rd
2024 at 00:00
Windows PowerShell - Event Log Bypass Single Quote Code Execution
Exploit-DB Updates
[webapps] Magento ver. 2.4.6 - XSLT Server Side Injection
March 3
rd
2024 at 00:00
Magento ver. 2.4.6 - XSLT Server Side Injection
Exploit-DB Updates
[remote] R Radio Network FM Transmitter 1.07 system.cgi - Password Disclosure
March 3
rd
2024 at 00:00
R Radio Network FM Transmitter 1.07 system.cgi - Password Disclosure
Exploit-DB Updates
[remote] Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated)
March 3
rd
2024 at 00:00
Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated)
Exploit-DB Updates
[remote] AC Repair and Services System v1.0 - Multiple SQL Injection
March 3
rd
2024 at 00:00
AC Repair and Services System v1.0 - Multiple SQL Injection
Exploit-DB Updates
[remote] Enrollment System v1.0 - SQL Injection
March 3
rd
2024 at 00:00
Enrollment System v1.0 - SQL Injection
Exploit-DB Updates
[remote] Real Estate Management System v1.0 - Remote Code Execution via File Upload
March 3
rd
2024 at 00:00
Real Estate Management System v1.0 - Remote Code Execution via File Upload
Exploit-DB Updates
[remote] GL.iNet AR300M v4.3.7 Arbitrary File Read - CVE-2023-46455 Exploit
March 3
rd
2024 at 00:00
GL.iNet AR300M v4.3.7 Arbitrary File Read - CVE-2023-46455 Exploit
Exploit-DB Updates
[remote] GL.iNet AR300M v3.216 Remote Code Execution - CVE-2023-46456 Exploit
March 3
rd
2024 at 00:00
GL.iNet AR300M v3.216 Remote Code Execution - CVE-2023-46456 Exploit
Exploit-DB Updates
[remote] Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file
March 3
rd
2024 at 00:00
Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file
Exploit-DB Updates
[remote] Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload
March 3
rd
2024 at 00:00
Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload
Exploit-DB Updates
[remote] Petrol Pump Management Software v.1.0 - SQL Injection
March 3
rd
2024 at 00:00
Petrol Pump Management Software v.1.0 - SQL Injection
Exploit-DB Updates
[webapps] Boss Mini 1.4.0 - local file inclusion
March 3
rd
2024 at 00:00
Boss Mini 1.4.0 - local file inclusion
Exploit-DB Updates
[local] (shellcode) Linux-x64 - create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]
February 28
th
2024 at 00:00
(shellcode) Linux-x64 - create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]
Exploit-DB Updates
[webapps] Blood Bank v1.0 - Multiple SQL Injection
February 28
th
2024 at 00:00
Blood Bank v1.0 - Multiple SQL Injection
Exploit-DB Updates
[webapps] WP Rocket < 2.10.3 - Local File Inclusion (LFI)
February 28
th
2024 at 00:00
WP Rocket
Exploit-DB Updates
[local] Saflok - Key Derication Function Exploit
February 28
th
2024 at 00:00
Saflok - Key Derication Function Exploit
Exploit-DB Updates
[webapps] WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection
February 28
th
2024 at 00:00
WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection
Exploit-DB Updates
[webapps] WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting (XSS)
February 28
th
2024 at 00:00
WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting (XSS)
Exploit-DB Updates
[remote] TEM Opera Plus FM Family Transmitter 35.45 - XSRF
February 27
th
2024 at 00:00
TEM Opera Plus FM Family Transmitter 35.45 - XSRF
Exploit-DB Updates
[webapps] Atlassian Confluence Data Center and Server - Authentication Bypass (Metasploit)
February 27
th
2024 at 00:00
Atlassian Confluence Data Center and Server - Authentication Bypass (Metasploit)
Exploit-DB Updates
[remote] TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution
February 27
th
2024 at 00:00
TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution
Exploit-DB Updates
[webapps] Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)
February 27
th
2024 at 00:00
Wordpress Plugin Canto
Exploit-DB Updates
[webapps] Moodle 4.3 - Reflected XSS
February 27
th
2024 at 00:00
Moodle 4.3 - Reflected XSS
Exploit-DB Updates
[remote] Executables Created with perl2exe < V30.10C - Arbitrary Code Execution
February 27
th
2024 at 00:00
Executables Created with perl2exe
Exploit-DB Updates
[webapps] Zoo Management System 1.0 - Unauthenticated RCE
February 27
th
2024 at 00:00
Zoo Management System 1.0 - Unauthenticated RCE
Exploit-DB Updates
[webapps] Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin
February 27
th
2024 at 00:00
Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin
Exploit-DB Updates
[webapps] dawa-pharma 1.0-2022 - Multiple-SQLi
February 27
th
2024 at 00:00
dawa-pharma 1.0-2022 - Multiple-SQLi
Exploit-DB Updates
[webapps] Moodle 4.3 - Insecure Direct Object Reference
February 27
th
2024 at 00:00
Moodle 4.3 - Insecure Direct Object Reference
Exploit-DB Updates
[webapps] Automatic-Systems SOC FL9600 FastLine - Directory Transversal
February 27
th
2024 at 00:00
Automatic-Systems SOC FL9600 FastLine - Directory Transversal
Exploit-DB Updates
[webapps] SuperStoreFinder - Multiple Vulnerabilities
February 27
th
2024 at 00:00
SuperStoreFinder - Multiple Vulnerabilities
Exploit-DB Updates
[remote] Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'
February 26
th
2024 at 00:00
Wyrestorm Apollo VX20
Exploit-DB Updates
[webapps] Online Shopping System Advanced - Sql Injection
February 26
th
2024 at 00:00
Online Shopping System Advanced - Sql Injection
Load more articles