Pas d'actualité

L'Actu de la veille

[webapps] WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution
WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution
https://www.exploit-db.com/exploits/51510
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Thruk Monitoring Web Interface 3.06 - Path Traversal
Thruk Monitoring Web Interface 3.06 - Path Traversal
https://www.exploit-db.com/exploits/51509
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

L'Actu des jours précédents

Prestashop 8.0.4 CSV injection
Prestashop 8.0.4 CSV injection
http://www.exploitalert.com/view-details.html?id=39576
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Expert Job Portal Management System 1.0 SQL Injection
Expert Job Portal Management System 1.0 SQL Injection
http://www.exploitalert.com/view-details.html?id=39577
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

CloudPanel 2.2.2 Privilege Escalation / Path Traversal
CloudPanel 2.2.2 Privilege Escalation / Path Traversal
http://www.exploitalert.com/view-details.html?id=39578
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

WordPress Updraft 0.6.1 Backup Disclosure
WordPress Updraft 0.6.1 Backup Disclosure
http://www.exploitalert.com/view-details.html?id=39579
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Expert Job Portal Management System 1.0 Cross Site Scripting
Expert Job Portal Management System 1.0 Cross Site Scripting
http://www.exploitalert.com/view-details.html?id=39572
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

ManageEngine ADManager Plus Command Injection
ManageEngine ADManager Plus Command Injection
http://www.exploitalert.com/view-details.html?id=39573
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Unilogies/bumsys v1.0.3 beta Unrestricted File Upload
Unilogies/bumsys v1.0.3 beta Unrestricted File Upload
http://www.exploitalert.com/view-details.html?id=39574
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

WordPress Getwid Gutenberg Blocks 1.8.3 Improper Authorization / SSRF
WordPress Getwid Gutenberg Blocks 1.8.3 Improper Authorization / SSRF
http://www.exploitalert.com/view-details.html?id=39575
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Trend Micro OfficeScan Client 10.0 ACL Service LPE
Trend Micro OfficeScan Client 10.0 ACL Service LPE
http://www.exploitalert.com/view-details.html?id=39569
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Acelle Email Marketing 3.0.15 Arbitrary File Upload
Acelle Email Marketing 3.0.15 Arbitrary File Upload
http://www.exploitalert.com/view-details.html?id=39570
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[local] USB Flash Drives Control 4.1.0.0 - Unquoted Service Path
USB Flash Drives Control 4.1.0.0 - Unquoted Service Path
https://www.exploit-db.com/exploits/51508
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)
Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)
https://www.exploit-db.com/exploits/51507
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[local] Macro Expert 4.9 - Unquoted Service Path
Macro Expert 4.9 - Unquoted Service Path
https://www.exploit-db.com/exploits/51506
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution (RCE)
File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/51505
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] MotoCMS Version 3.4.3 - SQL Injection
MotoCMS Version 3.4.3 - SQL Injection
https://www.exploit-db.com/exploits/51504
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] STARFACE 7.3.0.10 - Authentication with Password Hash Possible
STARFACE 7.3.0.10 - Authentication with Password Hash Possible
https://www.exploit-db.com/exploits/51503
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Barebones CMS v2.0.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
Barebones CMS v2.0.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
https://www.exploit-db.com/exploits/51502
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Enrollment System Project v1.0 - SQL Injection Authentication Bypass (SQLI)
Enrollment System Project v1.0 - SQL Injection Authentication Bypass (SQLI)
https://www.exploit-db.com/exploits/51501
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Total CMS 1.7.4 - Remote Code Execution (RCE)
Total CMS 1.7.4 - Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/51500
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)
MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)
https://www.exploit-db.com/exploits/51499
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Pydio Cells 4.1.2 - Server-Side Request Forgery
Pydio Cells 4.1.2 - Server-Side Request Forgery
https://www.exploit-db.com/exploits/51498
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Pydio Cells 4.1.2 - Cross-Site Scripting (XSS) via File Download
Pydio Cells 4.1.2 - Cross-Site Scripting (XSS) via File Download
https://www.exploit-db.com/exploits/51497
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Pydio Cells 4.1.2 - Unauthorised Role Assignments
Pydio Cells 4.1.2 - Unauthorised Role Assignments
https://www.exploit-db.com/exploits/51496
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Faculty Evaluation System 1.0 - Unauthenticated File Upload
Faculty Evaluation System 1.0 - Unauthenticated File Upload
https://www.exploit-db.com/exploits/51495
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Online Security Guards Hiring System 1.0 - Reflected XSS
Online Security Guards Hiring System 1.0 - Reflected XSS
https://www.exploit-db.com/exploits/51494
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[remote] Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)
Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)
https://www.exploit-db.com/exploits/51493
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] unilogies/bumsys v1.0.3 beta - Unrestricted File Upload
unilogies/bumsys v1.0.3 beta - Unrestricted File Upload
https://www.exploit-db.com/exploits/51492
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] SCRMS 2023-05-27 1.0 - Multiple SQL Injection
SCRMS 2023-05-27 1.0 - Multiple SQL Injection
https://www.exploit-db.com/exploits/51491
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Rukovoditel 3.3.1 - CSV injection
Rukovoditel 3.3.1 - CSV injection
https://www.exploit-db.com/exploits/51490
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

[webapps] Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)
Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)
https://www.exploit-db.com/exploits/51489
Partager : LinkedIn / Twitter / Facebook / View / View (lite)