All InfoSec / Cybersecurity News from Exploit-DB.com RSS Feed | allinfosecnews.com

Latest
Top

[webapps] Wp2Fac - OS Command Injection 2 weeks, 5 days ago | www.exploit-db.com

command command injection injection webapps

[local] GOM Player 2.3.90.5360 - Buffer Overflow (PoC) 2 weeks, 5 days ago | www.exploit-db.com

buffer buffer overflow local overflow +2

[webapps] Drupal 10.1.2 - web-cache-poisoning-External-service-interaction 2 weeks, 5 days ago | www.exploit-db.com

cache drupal external poisoning +3

[remote] Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities 2 weeks, 5 days ago | www.exploit-db.com

automation controller gateway home +3

[webapps] soosyze 2.0.0 - File Upload 2 weeks, 5 days ago | www.exploit-db.com

file file upload upload webapps

[remote] GOM Player 2.3.90.5360 - Remote Code Execution (RCE) 2 weeks, 5 days ago | www.exploit-db.com

code code execution player rce +2

[webapps] Jorani v1.0.3-(c)2014-2023 - XSS Reflected & Information Disclosure 2 weeks, 5 days ago | www.exploit-db.com

amp disclosure information information disclosure +2

[webapps] SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection 2 weeks, 5 days ago | www.exploit-db.com

cms ecommerce injection spa +3

[webapps] Wordpress Plugin Elementor 3.5.5 - Iframe Injection 2 weeks, 5 days ago | www.exploit-db.com

iframe injection plugin webapps +2

[dos] SyncBreeze 15.2.24 - 'login' Denial of Service 2 weeks, 5 days ago | www.exploit-db.com

denial of service dos login service

[webapps] Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS 2 weeks, 5 days ago | www.exploit-db.com

reflected xss webapps xss

[local] Kingo ROOT 1.5.8 - Unquoted Service Path 3 weeks, 2 days ago | www.exploit-db.com

local path root service

[webapps] Member Login Script 3.3 - Client-side desync 3 weeks, 2 days ago | www.exploit-db.com

client client-side login script +1

[webapps] DLINK DPH-400SE - Exposure of Sensitive Information 3 weeks, 2 days ago | www.exploit-db.com

dlink exposure information sensitive +2

[webapps] CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin 'Gallery') 3 weeks, 2 days ago | www.exploit-db.com

cms cross-site gallery plugin +2

[local] NVClient v5.0 - Stack Buffer Overflow (DoS) 3 weeks, 2 days ago | www.exploit-db.com

buffer buffer overflow dos local +2

[webapps] Hyip Rio 2.1 - Arbitrary File Upload 3 weeks, 2 days ago | www.exploit-db.com

file file upload upload webapps

[webapps] AdminLTE PiHole 5.18 - Broken Access Control 3 weeks, 2 days ago | www.exploit-db.com

access access control broken access control control +2

[webapps] SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS 3 weeks, 2 days ago | www.exploit-db.com

cms ecommerce reflected xss spa +2

[webapps] Blood Donor Management System v1.0 - Stored XSS 3 weeks, 2 days ago | www.exploit-db.com

management stored xss system webapps +1

[webapps] Academy LMS 6.1 - Arbitrary File Upload 3 weeks, 2 days ago | www.exploit-db.com

academy file file upload lms +2

[remote] Ivanti Avalanche <v6.4.0.0 - Remote Code Execution 3 weeks, 2 days ago | www.exploit-db.com

avalanche code code execution ivanti +3

[webapps] CSZ CMS 1.3.0 - Stored Cross-Site Scripting ('Photo URL' and 'YouTube URL' ) 3 weeks, 2 days ago | www.exploit-db.com

cms cross-site photo scripting +3

[webapps] FileMage Gateway 1.10.9 - Local File Inclusion 3 weeks, 2 days ago | www.exploit-db.com

file gateway inclusion local +1

[webapps] Credit Lite 1.5.4 - SQL Injection 3 weeks, 2 days ago | www.exploit-db.com

credit injection sql sql injection +1

[local] Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow 3 weeks, 2 days ago | www.exploit-db.com

buffer buffer overflow ftp local +3

[webapps] Bus Reservation System 1.1 - Multiple-SQLi 3 weeks, 2 days ago | www.exploit-db.com

bus sqli system webapps

[webapps] WP Statistics Plugin 13.1.5 current_page_id - Time based SQL injection (Unauthenticated) 3 weeks, 2 days ago | www.exploit-db.com

injection plugin sql sql injection +3

[webapps] Uvdesk 1.1.4 - Stored XSS (Authenticated) 1 month ago | www.exploit-db.com

stored xss webapps xss

[webapps] User Registration & Login and User Management System v3.0 - Stored Cross-Site Scripting (XSS) 1 month ago | www.exploit-db.com

amp cross-site login management +6

[webapps] User Registration & Login and User Management System v3.0 - SQL Injection (Unauthenticated) 1 month ago | www.exploit-db.com

amp injection login management +7

[remote] TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions 1 month ago | www.exploit-db.com

access files folders insecure +2

[remote] EuroTel ETL3100 - Transmitter Authorization Bypass (IDOR) 1 month ago | www.exploit-db.com

authorization bypass idor

[remote] TSplus 16.0.0.0 - Remote Work Insecure Files and Folders 1 month ago | www.exploit-db.com

files folders insecure remote work +1

[remote] EuroTel ETL3100 - Transmitter Default Credentials 1 month ago | www.exploit-db.com

credentials default default credentials

[webapps] Crypto Currency Tracker (CCT) 9.5 - Admin Account Creation (Unauthenticated) 1 month ago | www.exploit-db.com

account admin crypto crypto currency +4

[webapps] Color Prediction Game v1.0 - SQL Injection 1 month ago | www.exploit-db.com

game injection prediction sql +2

[webapps] Dolibarr Version 17.0.1 - Stored XSS 1 month ago | www.exploit-db.com

dolibarr stored xss version webapps +1

[local] Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions 1 month ago | www.exploit-db.com

folders insecure local permissions

[remote] EuroTel ETL3100 - Transmitter Unauthenticated Config/Log Download 1 month ago | www.exploit-db.com

download log unauthenticated

[webapps] Global - Multi School Management System Express v1.0- SQL Injection 1 month ago | www.exploit-db.com

express global injection management +5

[webapps] Taskhub CRM Tool 2.8.6 - SQL Injection 1 month ago | www.exploit-db.com

crm injection sql sql injection +2

[webapps] PHPJabbers Business Directory Script v3.2 - Multiple Vulnerabilities 1 month ago | www.exploit-db.com

business directory script vulnerabilities +1

[remote] TSPlus 16.0.0.0 - Remote Work Insecure Credential storage 1 month ago | www.exploit-db.com

credential credential storage insecure remote work +2

[webapps] OVOO Movie Portal CMS v3.3.3 - SQL Injection 1 month ago | www.exploit-db.com

cms injection movie portal +3

[webapps] Maltrail v0.53 - Unauthenticated Remote Code Execution (RCE) 1 month, 2 weeks ago | www.exploit-db.com

code code execution rce remote code +2

[local] systemd 246 - Local Privilege Escalation 1 month, 2 weeks ago | www.exploit-db.com

escalation local local privilege escalation privilege +2

[webapps] Request-Baskets v1.2.1 - Server-side request forgery (SSRF) 1 month, 2 weeks ago | www.exploit-db.com

forgery request server server-side request forgery +2

[local] OutSystems Service Studio 11.53.30 - DLL Hijacking 1 month, 2 weeks ago | www.exploit-db.com

dll dll hijacking hijacking local +3

[remote] TP-Link Archer AX21 - Unauthenticated Command Injection 1 month, 2 weeks ago | www.exploit-db.com

command command injection injection link +2

[webapps] Social-Commerce 3.1.6 - Reflected XSS 1 month, 2 weeks ago | www.exploit-db.com

commerce reflected xss social webapps +1

[webapps] PHPJabbers Vacation Rental Script 4.0 - CSRF 1 month, 2 weeks ago | www.exploit-db.com

csrf script vacation webapps

[webapps] Emagic Data Center Management Suite v6.0 - OS Command Injection 1 month, 2 weeks ago | www.exploit-db.com

center command command injection data +4

[webapps] Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure 1 month, 2 weeks ago | www.exploit-db.com

ads classified disclosure information +2

[webapps] Lucee 5.4.2.17 - Authenticated Reflected XSS 1 month, 2 weeks ago | www.exploit-db.com

reflected xss webapps xss

[webapps] Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated) 1 month, 2 weeks ago | www.exploit-db.com

cms injection server ssti +3

[webapps] mooSocial 3.1.8 - Reflected XSS 1 month, 2 weeks ago | www.exploit-db.com

reflected xss webapps xss

[webapps] WordPress adivaha Travel Plugin 2.3 - SQL Injection 1 month, 3 weeks ago | www.exploit-db.com

injection plugin sql sql injection +3

[webapps] Academy LMS 6.0 - Reflected XSS 1 month, 3 weeks ago | www.exploit-db.com

academy lms reflected xss webapps +1

[webapps] PHPJabbers Taxi Booking 2.0 - Reflected XSS 1 month, 3 weeks ago | www.exploit-db.com

booking reflected xss webapps xss

Nothing found.

Items published with this topic over the last 90 days.

Latest

[webapps] Wp2Fac - OS Command Injection 2 weeks, 5 days ago | www.exploit-db.com

command command injection injection webapps

[local] GOM Player 2.3.90.5360 - Buffer Overflow (PoC) 2 weeks, 5 days ago | www.exploit-db.com

buffer buffer overflow local overflow +2

[webapps] Drupal 10.1.2 - web-cache-poisoning-External-service-interaction 2 weeks, 5 days ago | www.exploit-db.com

cache drupal external poisoning +3

[remote] Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities 2 weeks, 5 days ago | www.exploit-db.com

automation controller gateway home +3

[webapps] soosyze 2.0.0 - File Upload 2 weeks, 5 days ago | www.exploit-db.com

file file upload upload webapps

[remote] GOM Player 2.3.90.5360 - Remote Code Execution (RCE) 2 weeks, 5 days ago | www.exploit-db.com

code code execution player rce +2

[webapps] Jorani v1.0.3-(c)2014-2023 - XSS Reflected & Information Disclosure 2 weeks, 5 days ago | www.exploit-db.com

amp disclosure information information disclosure +2

[webapps] SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection 2 weeks, 5 days ago | www.exploit-db.com

cms ecommerce injection spa +3

[webapps] Wordpress Plugin Elementor 3.5.5 - Iframe Injection 2 weeks, 5 days ago | www.exploit-db.com

iframe injection plugin webapps +2

[dos] SyncBreeze 15.2.24 - 'login' Denial of Service 2 weeks, 5 days ago | www.exploit-db.com

denial of service dos login service

[webapps] Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS 2 weeks, 5 days ago | www.exploit-db.com

reflected xss webapps xss

[local] Kingo ROOT 1.5.8 - Unquoted Service Path 3 weeks, 2 days ago | www.exploit-db.com

local path root service

[webapps] Member Login Script 3.3 - Client-side desync 3 weeks, 2 days ago | www.exploit-db.com

client client-side login script +1

[webapps] DLINK DPH-400SE - Exposure of Sensitive Information 3 weeks, 2 days ago | www.exploit-db.com

dlink exposure information sensitive +2

[webapps] CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin 'Gallery') 3 weeks, 2 days ago | www.exploit-db.com

cms cross-site gallery plugin +2

[local] NVClient v5.0 - Stack Buffer Overflow (DoS) 3 weeks, 2 days ago | www.exploit-db.com

buffer buffer overflow dos local +2

[webapps] Hyip Rio 2.1 - Arbitrary File Upload 3 weeks, 2 days ago | www.exploit-db.com

file file upload upload webapps

[webapps] AdminLTE PiHole 5.18 - Broken Access Control 3 weeks, 2 days ago | www.exploit-db.com

access access control broken access control control +2

[webapps] SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS 3 weeks, 2 days ago | www.exploit-db.com

cms ecommerce reflected xss spa +2

[webapps] Blood Donor Management System v1.0 - Stored XSS 3 weeks, 2 days ago | www.exploit-db.com

management stored xss system webapps +1

[webapps] Academy LMS 6.1 - Arbitrary File Upload 3 weeks, 2 days ago | www.exploit-db.com

academy file file upload lms +2

[remote] Ivanti Avalanche <v6.4.0.0 - Remote Code Execution 3 weeks, 2 days ago | www.exploit-db.com

avalanche code code execution ivanti +3

[webapps] CSZ CMS 1.3.0 - Stored Cross-Site Scripting ('Photo URL' and 'YouTube URL' ) 3 weeks, 2 days ago | www.exploit-db.com

cms cross-site photo scripting +3

[webapps] FileMage Gateway 1.10.9 - Local File Inclusion 3 weeks, 2 days ago | www.exploit-db.com

file gateway inclusion local +1

[webapps] Credit Lite 1.5.4 - SQL Injection 3 weeks, 2 days ago | www.exploit-db.com

credit injection sql sql injection +1

[local] Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow 3 weeks, 2 days ago | www.exploit-db.com

buffer buffer overflow ftp local +3

[webapps] Bus Reservation System 1.1 - Multiple-SQLi 3 weeks, 2 days ago | www.exploit-db.com

bus sqli system webapps

[webapps] WP Statistics Plugin 13.1.5 current_page_id - Time based SQL injection (Unauthenticated) 3 weeks, 2 days ago | www.exploit-db.com

injection plugin sql sql injection +3

[webapps] Uvdesk 1.1.4 - Stored XSS (Authenticated) 1 month ago | www.exploit-db.com

stored xss webapps xss

[webapps] User Registration & Login and User Management System v3.0 - Stored Cross-Site Scripting (XSS) 1 month ago | www.exploit-db.com

amp cross-site login management +6

[webapps] User Registration & Login and User Management System v3.0 - SQL Injection (Unauthenticated) 1 month ago | www.exploit-db.com

amp injection login management +7

[remote] TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions 1 month ago | www.exploit-db.com

access files folders insecure +2

[remote] EuroTel ETL3100 - Transmitter Authorization Bypass (IDOR) 1 month ago | www.exploit-db.com

authorization bypass idor

[remote] TSplus 16.0.0.0 - Remote Work Insecure Files and Folders 1 month ago | www.exploit-db.com

files folders insecure remote work +1

[remote] EuroTel ETL3100 - Transmitter Default Credentials 1 month ago | www.exploit-db.com

credentials default default credentials

[webapps] Crypto Currency Tracker (CCT) 9.5 - Admin Account Creation (Unauthenticated) 1 month ago | www.exploit-db.com

account admin crypto crypto currency +4

[webapps] Color Prediction Game v1.0 - SQL Injection 1 month ago | www.exploit-db.com

game injection prediction sql +2

[webapps] Dolibarr Version 17.0.1 - Stored XSS 1 month ago | www.exploit-db.com

dolibarr stored xss version webapps +1

[local] Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions 1 month ago | www.exploit-db.com

folders insecure local permissions

[remote] EuroTel ETL3100 - Transmitter Unauthenticated Config/Log Download 1 month ago | www.exploit-db.com

download log unauthenticated

[webapps] Global - Multi School Management System Express v1.0- SQL Injection 1 month ago | www.exploit-db.com

express global injection management +5

[webapps] Taskhub CRM Tool 2.8.6 - SQL Injection 1 month ago | www.exploit-db.com

crm injection sql sql injection +2

[webapps] PHPJabbers Business Directory Script v3.2 - Multiple Vulnerabilities 1 month ago | www.exploit-db.com

business directory script vulnerabilities +1

[remote] TSPlus 16.0.0.0 - Remote Work Insecure Credential storage 1 month ago | www.exploit-db.com

credential credential storage insecure remote work +2

[webapps] OVOO Movie Portal CMS v3.3.3 - SQL Injection 1 month ago | www.exploit-db.com

cms injection movie portal +3

[webapps] Maltrail v0.53 - Unauthenticated Remote Code Execution (RCE) 1 month, 2 weeks ago | www.exploit-db.com

code code execution rce remote code +2

[local] systemd 246 - Local Privilege Escalation 1 month, 2 weeks ago | www.exploit-db.com

escalation local local privilege escalation privilege +2

[webapps] Request-Baskets v1.2.1 - Server-side request forgery (SSRF) 1 month, 2 weeks ago | www.exploit-db.com

forgery request server server-side request forgery +2

[local] OutSystems Service Studio 11.53.30 - DLL Hijacking 1 month, 2 weeks ago | www.exploit-db.com

dll dll hijacking hijacking local +3

[remote] TP-Link Archer AX21 - Unauthenticated Command Injection 1 month, 2 weeks ago | www.exploit-db.com

command command injection injection link +2

[webapps] Social-Commerce 3.1.6 - Reflected XSS 1 month, 2 weeks ago | www.exploit-db.com

commerce reflected xss social webapps +1

[webapps] PHPJabbers Vacation Rental Script 4.0 - CSRF 1 month, 2 weeks ago | www.exploit-db.com

csrf script vacation webapps

[webapps] Emagic Data Center Management Suite v6.0 - OS Command Injection 1 month, 2 weeks ago | www.exploit-db.com

center command command injection data +4

[webapps] Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure 1 month, 2 weeks ago | www.exploit-db.com

ads classified disclosure information +2

[webapps] Lucee 5.4.2.17 - Authenticated Reflected XSS 1 month, 2 weeks ago | www.exploit-db.com

reflected xss webapps xss

[webapps] Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated) 1 month, 2 weeks ago | www.exploit-db.com

cms injection server ssti +3

[webapps] mooSocial 3.1.8 - Reflected XSS 1 month, 2 weeks ago | www.exploit-db.com

reflected xss webapps xss

[webapps] WordPress adivaha Travel Plugin 2.3 - SQL Injection 1 month, 3 weeks ago | www.exploit-db.com

injection plugin sql sql injection +3

[webapps] Academy LMS 6.0 - Reflected XSS 1 month, 3 weeks ago | www.exploit-db.com

academy lms reflected xss webapps +1

[webapps] PHPJabbers Taxi Booking 2.0 - Reflected XSS 1 month, 3 weeks ago | www.exploit-db.com

booking reflected xss webapps xss

Top (last 7 days)

Nothing found.

Business Information Security Officer

@ Metrolink | Los Angeles, CA

View on infosec-jobs.com

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City

View on infosec-jobs.com

Security Engineer

@ ChartMogul | Remote, EU

View on infosec-jobs.com

Elastic Consultant - EMEA

@ Elasticsearch | Germany

View on infosec-jobs.com

Software Development Engineer, Security

@ Binance | Romania, Bucharest

View on infosec-jobs.com

Digital Network Exploitation Analyst III

@ Aperio Global, LLC | Fort Meade, Maryland, United States

View on infosec-jobs.com