Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2018-04-16   Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution 38 WEB Hans Topo
2018-04-16   Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC) 39 WEB Vitalii Rudnykh
2018-04-10   CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution 20 WEB RedTeam Pentesting
2018-04-04   ProcessMaker Plugin Code Execution 32 WEB Brendan Coles
2018-04-04   DuckDuckGo 4.2.0 WebRTC Private IP Leakage 29 WEB Brendan Coles
2018-04-02   Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit) 41 WEB Touhid M.Shaikh
2018-04-02   osCommerce 2.3.4.1 - Remote Code Execution 33 WEB Simon Scannell
2018-04-02   Homematic CCU2 2.29.23 - Remote Command Execution 31 WEB Gregor Kopf
2018-04-02   Homematic CCU2 2.29.23 - Arbitrary File Write 50 WEB Gregor Kopf
2018-03-30   Joomla Component Fields - SQLi Remote Code Execution (Metasploit) 48 WEB luisco100
2018-03-30   Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Admin Session) 36 WEB Stefan Horst
2018-03-30   Square 9 GlobalForms 6.2.x Blind SQL Injection 29 WEB Darrell Damstedt
2018-03-29   TwonkyMedia Server 7.0.11-8.5 - Directory Traversal 28 WEB Sven Fassbender
2018-03-27   ClipBucket beats_uploader Unauthenticated Arbitrary File Upload 36 WEB Touhid M.Shaikh
2018-03-26   XenForo 2 - CSS Loader Denial of Service 26 WEB LockedByte
2018-03-26   TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery 29 WEB Mans van Someren
2018-03-26   Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control Bypass 47 WEB Matamorphosis
2018-03-22   Cisco node-jos < 0.11.0 - Re-sign Tokens 35 WEB zioBlack
2018-03-21   Intelbras Telefone IP TIP200 LITE - Local File Disclosure 30 WEB anhax0r
2018-03-16   Spring Data REST < 2.6.9 (Ingalls SR9), 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution 43 WEB Antonio Francesco Sardella
2018-03-13   Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution 66 WEB Chris Lyne
2018-03-13   ManageEngine Applications Manager 13.5 - Remote Code Execution (Metasploit) 42 WEB Mehmet Ince
2018-03-07   Bravo Tejari Web Portal Cross Site Scripting 52 WEB Arvind V.
2018-02-28   Concrete5 < 8.3.0 - Username / Comments Enumeration 60 WEB Chapman Schleiss
2018-02-26   AsusWRT LAN Unauthenticated Remote Code Execution 61 WEB Pedro Ribeiro