Security Vulnerabilities & Exploits

[webapps] orangescrum 1.8.0 - 'Multiple' SQL Injection (Authenticated)

The Exploit Database - 29 Listopad, 2021 - 01:00
orangescrum 1.8.0 - 'Multiple' SQL Injection (Authenticated)

[webapps] orangescrum 1.8.0 - Privilege escalation (Authenticated)

The Exploit Database - 29 Listopad, 2021 - 01:00
orangescrum 1.8.0 - Privilege escalation (Authenticated)

DSA-5014 icu

Debian.org [Security] - 28 Listopad, 2021 - 00:00
security update

DSA-5013 roundcube

Debian.org [Security] - 27 Listopad, 2021 - 00:00
security update

[webapps] Bagisto 1.3.3 - Client-Side Template Injection

The Exploit Database - 26 Listopad, 2021 - 01:00
Bagisto 1.3.3 - Client-Side Template Injection

[webapps] CMSimple 5.4 - Local file inclusion (LFI) to Remote code execution (RCE) (Authenticated)

The Exploit Database - 24 Listopad, 2021 - 01:00
CMSimple 5.4 - Local file inclusion (LFI) to Remote code execution (RCE) (Authenticated)

[local] HTTPDebuggerPro 9.11 - Unquoted Service Path

The Exploit Database - 24 Listopad, 2021 - 01:00
HTTPDebuggerPro 9.11 - Unquoted Service Path

[webapps] FLEX 1085 Web 1.6.0 - HTML Injection

The Exploit Database - 23 Listopad, 2021 - 01:00
FLEX 1085 Web 1.6.0 - HTML Injection

[webapps] Bus Pass Management System 1.0 - 'Search' SQL injection

The Exploit Database - 23 Listopad, 2021 - 01:00
Bus Pass Management System 1.0 - 'Search' SQL injection

[webapps] Webrun 3.6.0.42 - 'P_0' SQL Injection

The Exploit Database - 23 Listopad, 2021 - 01:00
Webrun 3.6.0.42 - 'P_0' SQL Injection

[local] Linux Kernel 5.1.x - 'PTRACE_TRACEME' pkexec Local Privilege Escalation (2)

The Exploit Database - 23 Listopad, 2021 - 01:00
Linux Kernel 5.1.x - 'PTRACE_TRACEME' pkexec Local Privilege Escalation (2)

[webapps] Wordpress Plugin WP Guppy 1.1 - WP-JSON API Sensitive Information Disclosure

The Exploit Database - 23 Listopad, 2021 - 01:00
Wordpress Plugin WP Guppy 1.1 - WP-JSON API Sensitive Information Disclosure

[remote] GNU gdbserver 9.2 - Remote Command Execution (RCE)

The Exploit Database - 23 Listopad, 2021 - 01:00
GNU gdbserver 9.2 - Remote Command Execution (RCE)

DSA-5012 openjdk-17

Debian.org [Security] - 23 Listopad, 2021 - 00:00
security update

[webapps] Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection

The Exploit Database - 22 Listopad, 2021 - 01:00
Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection

[dos] Modbus Slave 7.3.1 - Buffer Overflow (DoS)

The Exploit Database - 22 Listopad, 2021 - 01:00
Modbus Slave 7.3.1 - Buffer Overflow (DoS)

[dos] Pinkie 2.15 - TFTP Remote Buffer Overflow (PoC)

The Exploit Database - 22 Listopad, 2021 - 01:00
Pinkie 2.15 - TFTP Remote Buffer Overflow (PoC)

DSA-5011 salt

Debian.org [Security] - 19 Listopad, 2021 - 00:00
security update

[webapps] Wordpress Plugin Smart Product Review 1.0.4 - Arbitrary File Upload

The Exploit Database - 17 Listopad, 2021 - 01:00
Wordpress Plugin Smart Product Review 1.0.4 - Arbitrary File Upload

[webapps] GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated)

The Exploit Database - 17 Listopad, 2021 - 01:00
GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated)
Syndikovat obsah