Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2018-05-03   Nagios XI 5.2.6 < 5.2.9 / 5.3 / 5.4 - Chained Remote Root 29 WEB Jared Arave
2018-05-03   Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code 34 WEB SixP4ck3r
2018-05-03   osCommerce Installer Unauthenticated Code Execution 23 WEB Daniel Teixeira
2018-04-27   GitList 0.6 - Unauthenticated Remote Code Execution 22 WEB Kacper Szurek
2018-04-27   SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response 21 WEB Sven Fassbender
2018-04-25   Ericsson-LG iPECS NMS A.1Ac - Cleartext Credential Disclosure 16 WEB Berk Cem Göksel
2018-04-25   Interspire Email Marketer < 6.1.6 - Remote Admin Authentication Bypass 23 WEB devcoinfet
2018-04-24   Apache CouchDB 1.7.0 and 2.x before 2.1.1 - Remote Privilege Escalation 23 WEB Sebastián Castro
2018-04-19   Lutron Quantum 2.0 - 3.2.243 - Information Disclosure 21 WEB SadFud
2018-04-16   MikroTik 6.41.4 - FTP daemon Denial of Service PoC 25 WEB FarazPajohan
2018-04-16   Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution 51 WEB Hans Topo
2018-04-16   Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC) 51 WEB Vitalii Rudnykh
2018-04-10   CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution 26 WEB RedTeam Pentesting
2018-04-04   ProcessMaker Plugin Code Execution 37 WEB Brendan Coles
2018-04-04   DuckDuckGo 4.2.0 WebRTC Private IP Leakage 37 WEB Brendan Coles
2018-04-02   Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit) 45 WEB Touhid M.Shaikh
2018-04-02   osCommerce 2.3.4.1 - Remote Code Execution 39 WEB Simon Scannell
2018-04-02   Homematic CCU2 2.29.23 - Remote Command Execution 37 WEB Gregor Kopf
2018-04-02   Homematic CCU2 2.29.23 - Arbitrary File Write 55 WEB Gregor Kopf
2018-03-30   Joomla Component Fields - SQLi Remote Code Execution (Metasploit) 52 WEB luisco100
2018-03-30   Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Admin Session) 40 WEB Stefan Horst
2018-03-30   Square 9 GlobalForms 6.2.x Blind SQL Injection 34 WEB Darrell Damstedt
2018-03-29   TwonkyMedia Server 7.0.11-8.5 - Directory Traversal 31 WEB Sven Fassbender
2018-03-27   ClipBucket beats_uploader Unauthenticated Arbitrary File Upload 39 WEB Touhid M.Shaikh
2018-03-26   XenForo 2 - CSS Loader Denial of Service 28 WEB LockedByte