[webapps] CE Phoenix Version 1.0.8.20 - Stored XSS

May 13^th 2024 at 00:00

CE Phoenix Version 1.0.8.20 - Stored XSS

Exploit-DB Updates

[webapps] Apache mod_proxy_cluster - Stored XSS

May 13^th 2024 at 00:00

Apache mod_proxy_cluster - Stored XSS

Exploit-DB Updates

[webapps] Leafpub 1.1.9 - Stored Cross-Site Scripting (XSS)

May 13^th 2024 at 00:00

Leafpub 1.1.9 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)

May 13^th 2024 at 00:00

Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[local] Plantronics Hub 3.25.1 - Arbitrary File Read

May 13^th 2024 at 00:00

Plantronics Hub 3.25.1 - Arbitrary File Read

Exploit-DB Updates

[webapps] Prison Management System - SQL Injection Authentication Bypass

May 13^th 2024 at 00:00

Prison Management System - SQL Injection Authentication Bypass

Exploit-DB Updates

[remote] CrushFTP < 11.1.0 - Directory Traversal

May 13^th 2024 at 00:00

CrushFTP

Exploit-DB Updates

[webapps] PyroCMS v3.0.1 - Stored XSS

May 13^th 2024 at 00:00

PyroCMS v3.0.1 - Stored XSS

Exploit-DB Updates

[webapps] Clinic Queuing System 1.0 - RCE

May 8^th 2024 at 00:00

Clinic Queuing System 1.0 - RCE

Exploit-DB Updates

[webapps] iboss Secure Web Gateway - Stored Cross-Site Scripting (XSS)

May 8^th 2024 at 00:00

iboss Secure Web Gateway - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure

May 4^th 2024 at 00:00

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure

Exploit-DB Updates

[webapps] Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass

May 4^th 2024 at 00:00

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass

Exploit-DB Updates

[webapps] Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass

May 4^th 2024 at 00:00

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass

Exploit-DB Updates

[webapps] Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Device Config Disclosure

May 4^th 2024 at 00:00

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Device Config Disclosure

Exploit-DB Updates

[webapps] Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Authentication Bypass

May 4^th 2024 at 00:00

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Authentication Bypass

Exploit-DB Updates

[webapps] Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure

May 4^th 2024 at 00:00

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure

Exploit-DB Updates

[remote] Palo Alto PAN-OS < v11.1.2-h3 - Command Injection and Arbitrary File Creation

April 21^st 2024 at 00:00

Palo Alto PAN-OS

Exploit-DB Updates

[webapps] Flowise 1.6.5 - Authentication Bypass

April 21^st 2024 at 00:00

Flowise 1.6.5 - Authentication Bypass

Exploit-DB Updates

[webapps] SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)

April 21^st 2024 at 00:00

SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)

Exploit-DB Updates

[webapps] Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution

April 21^st 2024 at 00:00

Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution

Exploit-DB Updates

[webapps] FlatPress v1.3 - Remote Command Execution

April 21^st 2024 at 00:00

FlatPress v1.3 - Remote Command Execution

Exploit-DB Updates

[webapps] Laravel Framework 11 - Credential Leakage

April 21^st 2024 at 00:00

Laravel Framework 11 - Credential Leakage

Exploit-DB Updates

[webapps] djangorestframework-simplejwt 5.3.1 - Information Disclosure

April 15^th 2024 at 00:00

djangorestframework-simplejwt 5.3.1 - Information Disclosure

Exploit-DB Updates

[webapps] OpenClinic GA 5.247.01 - Path Traversal (Authenticated)

April 15^th 2024 at 00:00

OpenClinic GA 5.247.01 - Path Traversal (Authenticated)

Exploit-DB Updates

[webapps] OpenClinic GA 5.247.01 - Information Disclosure

April 15^th 2024 at 00:00

OpenClinic GA 5.247.01 - Information Disclosure

Exploit-DB Updates

[webapps] Jenkins 2.441 - Local File Inclusion

April 15^th 2024 at 00:00

Jenkins 2.441 - Local File Inclusion

Exploit-DB Updates

[webapps] Savsoft Quiz v6.0 Enterprise - Stored XSS

April 13^th 2024 at 00:00

Savsoft Quiz v6.0 Enterprise - Stored XSS

Exploit-DB Updates

[webapps] Stock Management System v1.0 - Unauthenticated SQL Injection

April 13^th 2024 at 00:00

Stock Management System v1.0 - Unauthenticated SQL Injection

Exploit-DB Updates

[webapps] Online Fire Reporting System OFRS - SQL Injection Authentication Bypass

April 13^th 2024 at 00:00

Online Fire Reporting System OFRS - SQL Injection Authentication Bypass

Exploit-DB Updates

[webapps] BMC Compuware iStrobe Web - 20.13 - Pre-auth RCE

April 13^th 2024 at 00:00

BMC Compuware iStrobe Web - 20.13 - Pre-auth RCE

Exploit-DB Updates

[webapps] Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - "sort" parameter

April 12^th 2024 at 00:00

Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - "sort" parameter

Exploit-DB Updates

[local] Terratec dmx_6fire USB - Unquoted Service Path

April 12^th 2024 at 00:00

Terratec dmx_6fire USB - Unquoted Service Path

Exploit-DB Updates

[local] PrusaSlicer 2.6.1 - Arbitrary code execution

April 12^th 2024 at 00:00

PrusaSlicer 2.6.1 - Arbitrary code execution

Exploit-DB Updates

[webapps] Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)

April 12^th 2024 at 00:00

Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] PopojiCMS Version 2.0.1 - Remote Command Execution

April 12^th 2024 at 00:00

PopojiCMS Version 2.0.1 - Remote Command Execution

Exploit-DB Updates

[webapps] Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting (XSS)

April 12^th 2024 at 00:00

Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Ray OS v2.6.3 - Command Injection RCE(Unauthorized)

April 12^th 2024 at 00:00

Ray OS v2.6.3 - Command Injection RCE(Unauthorized)

Exploit-DB Updates

[webapps] HTMLy Version v2.9.6 - Stored XSS

April 12^th 2024 at 00:00

HTMLy Version v2.9.6 - Stored XSS

Exploit-DB Updates

[remote] MinIO < 2024-01-31T20-20-33Z - Privilege Escalation

April 12^th 2024 at 00:00

MinIO

Exploit-DB Updates

[webapps] WBCE 1.6.0 - Unauthenticated SQL injection

April 12^th 2024 at 00:00

WBCE 1.6.0 - Unauthenticated SQL injection

Exploit-DB Updates

[webapps] WBCE CMS Version 1.6.1 - Remote Command Execution (Authenticated)

April 12^th 2024 at 00:00

WBCE CMS Version 1.6.1 - Remote Command Execution (Authenticated)

Exploit-DB Updates

[webapps] GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload

April 12^th 2024 at 00:00

GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload

Exploit-DB Updates

[webapps] Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload

April 8^th 2024 at 00:00

Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload

Exploit-DB Updates

[webapps] Daily Expense Manager 1.0 - 'term' SQLi

April 8^th 2024 at 00:00

Daily Expense Manager 1.0 - 'term' SQLi

Exploit-DB Updates

[webapps] Human Resource Management System v1.0 - Multiple SQLi

April 8^th 2024 at 00:00

Human Resource Management System v1.0 - Multiple SQLi

Exploit-DB Updates

[webapps] Best Student Result Management System v1.0 - Multiple SQLi

April 8^th 2024 at 00:00

Best Student Result Management System v1.0 - Multiple SQLi

Exploit-DB Updates

[remote] Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass

April 8^th 2024 at 00:00

Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass

Exploit-DB Updates

[webapps] Open Source Medicine Ordering System v1.0 - SQLi

April 8^th 2024 at 00:00

Open Source Medicine Ordering System v1.0 - SQLi

Exploit-DB Updates

[local] AnyDesk 7.0.15 - Unquoted Service Path

April 8^th 2024 at 00:00

AnyDesk 7.0.15 - Unquoted Service Path

Exploit-DB Updates

[webapps] Quick CMS v6.7 en 2023 - 'password' SQLi

April 3^rd 2024 at 00:00

Quick CMS v6.7 en 2023 - 'password' SQLi

Exploit-DB Updates

[webapps] Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting (XSS)

April 3^rd 2024 at 00:00

Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Computer Laboratory Management System v1.0 - Multiple-SQLi

April 3^rd 2024 at 00:00

Computer Laboratory Management System v1.0 - Multiple-SQLi

Exploit-DB Updates

[local] ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path

April 3^rd 2024 at 00:00

ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path

Exploit-DB Updates

[webapps] Daily Habit Tracker 1.0 - Stored Cross-Site Scripting (XSS)

April 2^nd 2024 at 00:00

Daily Habit Tracker 1.0 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Petrol Pump Management Software v1.0 - Remote Code Execution (RCE)

April 2^nd 2024 at 00:00

Petrol Pump Management Software v1.0 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated)

April 2^nd 2024 at 00:00

Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated)

Exploit-DB Updates

[webapps] CE Phoenix v1.0.8.20 - Remote Code Execution

April 2^nd 2024 at 00:00

CE Phoenix v1.0.8.20 - Remote Code Execution

Exploit-DB Updates

[webapps] Simple Backup Plugin Python Exploit 2.7.10 - Path Traversal

April 2^nd 2024 at 00:00

Simple Backup Plugin Python Exploit 2.7.10 - Path Traversal

Exploit-DB Updates

[webapps] FoF Pretty Mail 1.1.2 - Local File Inclusion (LFI)

April 2^nd 2024 at 00:00

FoF Pretty Mail 1.1.2 - Local File Inclusion (LFI)

Exploit-DB Updates

[webapps] Hospital Management System v1.0 - Stored Cross Site Scripting (XSS)

April 2^nd 2024 at 00:00

Hospital Management System v1.0 - Stored Cross Site Scripting (XSS)