No news

Yesterday's news

OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation
http://exploitalert.com/view-details.html?id=40226

ITFlow Cross Site Request Forgery
http://exploitalert.com/view-details.html?id=40227

Fuelflow 1.0 SQL Injection
http://exploitalert.com/view-details.html?id=40228

QNAP QTS / QuTS Hero Unauthenticated Remote Code Execution
http://exploitalert.com/view-details.html?id=40229

FreeIPA 4.10.1 Denial Of Service / Information Disclosure
http://exploitalert.com/view-details.html?id=40230

SitePad 1.8.2 Cross Site Scripting
http://exploitalert.com/view-details.html?id=40231

GoAhead Web Server 2.5 goform/formTest Multiple HTML Injection Vulnerabilities
http://exploitalert.com/view-details.html?id=40232

WordPress 6.4.3 Username Disclosure
http://exploitalert.com/view-details.html?id=40233

Fuelflow-1.0 Copyright--2024-Project-Develop-by-Mayuri-K SQLi
http://exploitalert.com/view-details.html?id=40234

News from two days ago

[webapps] WEBIGniter v28.7.23 - Stored Cross Site Scripting (XSS)
https://www.exploit-db.com/exploits/51807

News from previous days

SPA-CART CMS - Stored XSS
http://exploitalert.com/view-details.html?id=40219

[webapps] JFrog Artifactory < 7.25.4 - Blind SQL Injection
https://www.exploit-db.com/exploits/51806

[webapps] Wondercms 4.3.2 - XSS to RCE
https://www.exploit-db.com/exploits/51805

[webapps] SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration
https://www.exploit-db.com/exploits/51804

[webapps] Employee Management System v1 - 'email' SQL Injection
https://www.exploit-db.com/exploits/51803

[local] Microsoft Windows Defender - VBScript Detection Bypass
https://www.exploit-db.com/exploits/51802

[local] Microsoft Windows Defender Bypass - Detection Mitigation Bypass
https://www.exploit-db.com/exploits/51801

[dos] XAMPP - Buffer Overflow POC
https://www.exploit-db.com/exploits/51800

[webapps] phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit
https://www.exploit-db.com/exploits/51799

[local] DS Wireless Communication - Remote Code Execution
https://www.exploit-db.com/exploits/51798

[webapps] Metabase 0.46.6 - Pre-Auth Remote Code Execution
https://www.exploit-db.com/exploits/51797

[webapps] SISQUALWFM 7.1.319.103 - Host Header Injection
https://www.exploit-db.com/exploits/51796

[webapps] Lost and Found Information System v1.0 - ( IDOR ) leads to Account Take over
https://www.exploit-db.com/exploits/51795

[webapps] ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure
https://www.exploit-db.com/exploits/51794

[dos] VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service
https://www.exploit-db.com/exploits/51793

[webapps] Splunk 9.0.4 - Information Disclosure
https://www.exploit-db.com/exploits/51792

[webapps] Online Nurse Hiring System 1.0 - Time-Based SQL Injection
https://www.exploit-db.com/exploits/51791

[webapps] Rail Pass Management System 1.0 - Time-Based SQL Injection
https://www.exploit-db.com/exploits/51790

[webapps] Wordpress Seotheme - Remote Code Execution Unauthenticated
https://www.exploit-db.com/exploits/51789

[webapps] Wordpress Augmented-Reality - Remote Code Execution Unauthenticated
https://www.exploit-db.com/exploits/51788

[dos] Elasticsearch - StackOverflow DoS
https://www.exploit-db.com/exploits/51787

[remote] Zyxel zysh - Format string
https://www.exploit-db.com/exploits/51786