Posts

IPS Community Suite 4.5.4.2 PHP Code Injection

Backdoor.Win32.WinShell.a Code Execution

Ubuntu OverlayFS Local Privilege Escalation

PHP 8.1.0-dev Backdoor Remote Command Execution

Backdoor.Win32.Whirlpool.a Buffer Overflow

Backdoor.Win32.NetControl2.293 Code Execution

Backdoor.Win32.Netbus.12 Information Disclosure

Backdoor.Win32.NerTe.772 Code Execution

Backdoor.Win32.NerTe.772 Authentication Bypass / Code Execution

Trojan.Win32.Scar.dulk Insecure Permissions

Trixbox 2.8.0.4 Remote Code Execution

Trixbox 2.8.0.4 Path Traversal

PHPFusion 9.03.50 Remote Code Execution

QNAP MusicStation / MalwareRemover File Upload / Command Injection

WordPress LifterLMS 4.21.0 Cross Site Scripting

Selenium 3.141.59 Remote Code Execution

CommScope Ruckus IoT Controller 1.7.1.0 Undocumented Account

CommScope Ruckus IoT Controller 1.7.1.0 Web Application Arbitrary Read/Write

CommScope Ruckus IoT Controller 1.7.1.0 Web Application Directory Traversal

CommScope Ruckus IoT Controller 1.7.1.0 Hard-Coded Web Application Administrator Password

CommScope Ruckus IoT Controller 1.7.1.0 Hard-Coded System Passwords

CommScope Ruckus IoT Controller 1.7.1.0 Hard-Coded API Keys Exposed

CommScope Ruckus IoT Controller 1.7.1.0 Unauthenticated API Endpoints

Pandora FMS 6.0SP3 Cross Site Scripting

QT PNG ICC Processing Out-Of-Bounds Read

Postbird 0.8.4 Cross Site Scripting / Local File Inclusion

nginx 1.20.0 DNS Resolver Off-By-One Heap Write

i-doit 1.15.2 Cross Site Scripting

Zen Cart 1.5.7 Cross Site Scripting

Pluck CMS 4.7.13 Remote Shell Upload

Nagios XI / Fusion Privilege Escalation / Cross Site Scripting / Code Execution

ProFTPd 1.3.5 Remote Command Execution

Codiad 2.8.4 Shell Upload

RarmaRadio 2.72.8 Denial Of Service

QT TIFF Processing Out-Of-Bounds Read

WordPress Cookie Law Bar 1.2.1 Cross Site Scripting

Gadget Works Online Ordering System 1.0 Cross Site Scripting

Backdoor.Win32.Tonerok.d Code Execution

Codiad 2.8.4 Remote Code Execution

Backdoor.Win32.Spion4 Insecure Transit

Schlix CMS 2.2.6-6 Shell Upload / Directory Traversal

PHP 8.1.0-dev Backdoor Remote Command Injection

Shopizer 2.16.0 Cross Site Scripting

iDailyDiary 4.30 Denial Of Service

Backdoor.Win32.Upload.a Denial Of Service

Backdoor.Win32.Spirit.12.b Insecure Permissions

WordPress ReDi Restaurant Reservation 21.0307 Cross Site Scripting

D-Link DWR-710 Missing Validation

ePowerSvc 6.0.3008.0 Unquoted Service Path

DiskBoss Service 12.2.18 Unquoted Service Path