authenticated

CITSmart ITSM 9.1.2.27 – ‘query’ Time-based Blind SQL Injection (Authenticated)

1 min read

Exploit/Advisories
Vulnerabilties

CITSmart ITSM 9.1.2.27 – ‘query’ Time-based Blind SQL Injection (Authenticated)

admin April 14, 2021

# Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection (Authenticated) # Google Dork: "citsmart.local"...

phpPgAdmin 7.13.0 – COPY FROM PROGRAM Command Execution (Authenticated)

1 min read

Exploit/Advisories
Vulnerabilties

phpPgAdmin 7.13.0 – COPY FROM PROGRAM Command Execution (Authenticated)

admin April 1, 2021

# Exploit Title: phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated) # Date: 29/03/2021 # Exploit...

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (2)

4 min read

Exploit/Advisories
Vulnerabilties

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (2)

admin April 1, 2021

# Exploit Title: ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2) # Date: 04/21 # Exploit Author:...

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1)

3 min read

Exploit/Advisories
Vulnerabilties

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1)

admin April 1, 2021

# Exploit Title: ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (1) # Date: 03/2021 # Exploit Author:...

WordPress Plugin WP Super Cache 1.7.1 – Remote Code Execution (Authenticated)

1 min read

Exploit/Advisories
Vulnerabilties

WordPress Plugin WP Super Cache 1.7.1 – Remote Code Execution (Authenticated)

admin March 29, 2021

# Exploit Title: WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution (Authenticated) # Google Dork:...

Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)

4 min read

Exploit/Advisories
Vulnerabilties

Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)

admin March 25, 2021

# Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE) # Date: 16/06/2020 #...

Ovidentia 6 – ‘id’ SQL injection (Authenticated)

1 min read

Exploit/Advisories
Vulnerabilties

Ovidentia 6 – ‘id’ SQL injection (Authenticated)

admin March 25, 2021

# Exploit Title: Ovidentia 6 - 'id' SQL injection (Authenticated) # Exploit Author: Felipe Prates Donato (m4ud)...

Codiad 2.8.4 – Remote Code Execution (Authenticated)

3 min read

Exploit/Advisories
Vulnerabilties

Codiad 2.8.4 – Remote Code Execution (Authenticated)

admin March 24, 2021

# Exploit Title: Codiad 2.8.4 - Remote Code Execution (Authenticated) # Discovery by: WangYihang # Vendor Homepage:...

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection ≈ Packet Storm

2 min read

Exploit/Advisories
Vulnerabilties

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection ≈ Packet Storm

admin March 20, 2021

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology,...

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Command Injection (Authenticated)

2 min read

Exploit/Advisories
Vulnerabilties

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Command Injection (Authenticated)

admin March 19, 2021

# Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection (Authenticated) # Date: 03.02.2021 #...

rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated)

2 min read

Exploit/Advisories
Vulnerabilties

rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated)

admin March 18, 2021

# Exploit Title: rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) # Date: 2021-03-17 #...

rConfig 3.9.6 – ‘path’ Local File Inclusion (Authenticated)

1 min read

Exploit/Advisories
Vulnerabilties

rConfig 3.9.6 – ‘path’ Local File Inclusion (Authenticated)

admin March 15, 2021

# Exploit Title: rConfig 3.9.6 - 'path' Local File Inclusion (Authenticated) # Date: 2021-03-12 # Exploit Author:...

Monitoring System (Dashboard) 1.0 – File Upload RCE (Authenticated)

6 min read

Exploit/Advisories
Vulnerabilties

Monitoring System (Dashboard) 1.0 – File Upload RCE (Authenticated)

admin March 12, 2021

# Exploit Title: Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated) # Exploit Author: Richard Jones...

Textpattern 4.8.3 – Remote code execution (Authenticated) (2)

3 min read

Exploit/Advisories
Vulnerabilties

Textpattern 4.8.3 – Remote code execution (Authenticated) (2)

admin March 5, 2021

# Exploit Title: Textpattern 4.8.3 - Remote code execution (Authenticated) (2) # Date: 03/03/2021 # Exploit Author:...

Web Based Quiz System 1.0 – ‘eid’ Union Based Sql Injection (Authenticated)

1 min read

Exploit/Advisories
Vulnerabilties

Web Based Quiz System 1.0 – ‘eid’ Union Based Sql Injection (Authenticated)

admin March 5, 2021

# Exploit Title: Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection (Authenticated) # Date:...

Local Services Search Engine Management System (LSSMES) 1.0 – Blind & Error based SQL injection (Authenticated)

1 min read

Exploit/Advisories
Vulnerabilties

Local Services Search Engine Management System (LSSMES) 1.0 – Blind & Error based SQL injection (Authenticated)

admin March 3, 2021

# Exploit Title: Local Services Search Engine Management System (LSSMES) 1.0 - Blind & Error based SQL...

[webapps] Zen Cart 1.5.7b – Remote Code Execution (Authenticated)

1 min read

Exploit/Advisories
Vulnerabilties

[webapps] Zen Cart 1.5.7b – Remote Code Execution (Authenticated)

admin March 2, 2021

Zen Cart 1.5.7b – Remote Code Execution (Authenticated) Source link

Batflat CMS 1.3.6 – Remote Code Execution (Authenticated)

2 min read

Exploit/Advisories
Vulnerabilties

Batflat CMS 1.3.6 – Remote Code Execution (Authenticated)

admin February 18, 2021

# Exploit Title: Batflat CMS 1.3.6 - Remote Code Execution (Authenticated) # Date: 2020-12-27 # Exploit Author:...

Gitea 1.12.5 – Remote Code Execution (Authenticated)

5 min read

Exploit/Advisories
Vulnerabilties

Gitea 1.12.5 – Remote Code Execution (Authenticated)

admin February 18, 2021

# Exploit Title: Gitea 1.12.5 - Remote Code Execution (Authenticated) # Date: 17 Feb 2020 # Exploit...

TestLink 1.9.20 – Unrestricted File Upload (Authenticated)

4 min read

Exploit/Advisories
Vulnerabilties

TestLink 1.9.20 – Unrestricted File Upload (Authenticated)

admin February 15, 2021

[*] [*]# Exploit Title: TestLink 1.9.20 - Unrestricted File Upload (Authenticated) # Date: 14th February 2021 #...

Posts navigation

1 2 3 4 … 8 Next

authenticated

CITSmart ITSM 9.1.2.27 – ‘query’ Time-based Blind SQL Injection (Authenticated)

phpPgAdmin 7.13.0 – COPY FROM PROGRAM Command Execution (Authenticated)

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (2)

ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1)

WordPress Plugin WP Super Cache 1.7.1 – Remote Code Execution (Authenticated)

Dolibarr ERP/CRM 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)

Ovidentia 6 – ‘id’ SQL injection (Authenticated)

Codiad 2.8.4 – Remote Code Execution (Authenticated)

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection ≈ Packet Storm

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Command Injection (Authenticated)

rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated)

rConfig 3.9.6 – ‘path’ Local File Inclusion (Authenticated)

Monitoring System (Dashboard) 1.0 – File Upload RCE (Authenticated)

Textpattern 4.8.3 – Remote code execution (Authenticated) (2)

Web Based Quiz System 1.0 – ‘eid’ Union Based Sql Injection (Authenticated)

Local Services Search Engine Management System (LSSMES) 1.0 – Blind & Error based SQL injection (Authenticated)

[webapps] Zen Cart 1.5.7b – Remote Code Execution (Authenticated)

Batflat CMS 1.3.6 – Remote Code Execution (Authenticated)

Gitea 1.12.5 – Remote Code Execution (Authenticated)

TestLink 1.9.20 – Unrestricted File Upload (Authenticated)

You may have missed

Ubuntu Security Notice USN-4925-1 ≈ Packet Storm

nfstream 6.3.1

Casey’s General Stores Announces Security and Retail Leader Paul Suarez Joins Company as Chief Information Security Officer

Adtran Personal Phone Manager 10.8.1 – ‘Multiple’ Reflected Cross-Site Scripting (XSS)

Recent Topics

Archives

April 2021
S	M	T	W	T	F	S
« Mar
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30