Posts

ERPNext 12.18.0 / 13.0.0 SQL Injection

SIS-REWE GO 7.5.0/12C Cross Site Scripting

Mozilla Windows Maintenance Service Weak DACL

TOR Virtual Network Tunneling Tool 0.4.5.8

AWS CloudShell Terminal Escape Injection / Remote Code Execution

OpenNetAdmin 18.1.1 Remote Command Execution

Human Resource Information System 0.1 Cross Site Scripting

Microweber CMS 1.1.20 Remote Code Execution

Backdoor.Win32.Antilam.13.a Code Execution

Linux/x86 setreuid(0) / execve("/bin/sh") Shellcode

Backdoor.Win32.MotivFTP.12 Authentication Bypass / Code Execution

TFTP Broadband 4.3.0.1465 Unquoted Service Path

BOOTP Turbo 2.0.0.1253 Unquoted Service Path

DHCP Broadband 4.1.0.1503 Unquoted Service Path

PHP Timeclock 1.04 SQL Injection

PHP Timeclock 1.04 Cross Site Scripting

macOS Gatekeeper Check Bypass

Epic Games Easy Anti-Cheat 4.0 Local Privilege Escalation

WifiHotSpot 1.0.0.0 Unquoted Service Path

Android Memory Disclosure / Out-Of-Bounds Write / Double-Free

Voting System 1.0 Shell Upload

Human Resource Information System 0.1 Remote Code Execution

Voting System 1.0 SQL Injection

Sandboxie Plus 0.7.4 Unquoted Service Path

Sandboxie 5.49.7 Denial Of Service

b2evolution 7-2-2 SQL Injection

WordPress WP Super Edit 2.5.4 Arbitrary File Upload

Schlix CMS 2.2.6-6 Remote Code Execution

Schlix CMS 2.2.6-6 Cross Site Scripting

Xmind 2020 Cross Site Scripting / Code Execution

Tagstoo 2.0.1 Cross Site Scripting / Code Execution

Marky 0.0.1 Cross Site Scripting / Code Execution

StudyMD 0.3.2 Cross Site Scripting / Code Execution

SnipCommand 0.1.0 Cross Site Scripting / Code Execution

Moeditor 0.2.0 Cross Site Scripting / Code Execution

Markdownify 1.2.0 Cross Site Scripting / Code Execution

Freeter 1.2.1 Cross Site Scripting / Code Execution

Markdown-Explorer 0.1.1 Cross Site Scripting / Code Execution

Markright 1.0 Cross Site Scripting / Code Execution

Anote 1.0 Cross Site Scripting / Code Execution

Backdoor.Win32.NinjaSpy.c Code Execution

Backdoor.Win32.Floder.gqe Insecure Permissions

Trojan.Win32.Siscos.bqe Insecure Permissions

Packed.Win32.Black.d Unauthenticated Open Proxy

Trojan.Win32.Agent.xdtv Insecure Permissions

GravCMS 1.10.7 Remote Command Execution

Shenzhen Skyworth RN510 Information Disclosure

Shenzhen Skyworth RN510 Cross Site Request Forgery / Cross Site Scripting

Human Resource Information System 1.0 Authentication Bypass / Account Creation