Posts

Win32k ConsoleControl Offset Confusion / Privilege Escalation

Axis IP Camera Shell Upload

Hikvision IP Camera Unauthenticated Command Injection

Casdoor 1.13.0 SQL Injection

Cipi Control Panel 3.1.15 Cross Site Scripting

WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation

Cobian Backup Gravity 11.2.0.582 Unquoted Service Path

Cobian Backup 11 Gravity 11.2.0.582 Denial Of Service

Cobian Reflector 0.9.93 RC1 Denial Of Service

Microsoft Exchange Server Remote Code Execution

Bank Management System 1.0 SQL Injection

WordPress Photoswipe Masonry Gallery 1.2.14 Cross Site Scripting

Technitium Installer 4.4 DLL Hijacking

Dahua ToolBox 1.010.0000000.0 DLL Hijacking

Simple Mobile Comparison Website 1.0 SQL Injection

Wondershare MirrorGo 2.0.11.346 Insecure File Permissions

Backdoor.Win32.FTP.Ics Remote Command Execution

Microweber CMS 1.2.10 Local File Inclusion

Backdoor.Win32.FTP.Ics Authentication Bypass / Code Execution

WebHMI 4.1.1 Remote Code Execution

WebHMI 4.1 Cross Site Scripting

Backdoor.Win32.FTP.Ics Man-In-The-Middle

aaPanel 6.8.21 Directory Traversal

Adobe ColdFusion 11 Remote Code Execution

Backdoor.Win32.Acropolis.10 Insecure Permissions

ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File Modification

Backdoor.Win32.Dsocks.10 Hardcoded Password

Agirhnet 1.0 Cross Site Scripting

Backdoor.Win32.Agent.baol Insecure Permissions

WordPress 99robots Header Footer Code Manager 1.1.16 Cross Site Scripting

Air Cargo Management System 1.0 SQL Injection

Trojan.Win32.Cosmu.abix Insecure Permissions

OpenStego Free Steganography Solution 0.8.4

Chrome RenderFrameHostImpl Use-After-Free

Cyclades Serial Console Server 3.3.0 Privilege Escalation

Simple Real Estate Portal System 1.0 SQL Injection

Microweber 1.2.11 Shell Upload

Dbltek GoIP GHSFVT-1.1-67-5 Local File Inclusion

FileCloud 21.2 Cross Site Request Forgery

Datarobot Remote Code Execution

WordPress Perfect Survey 1.5.1 SQL Injection

WordPress WP User Frontend 3.5.25 SQL Injection

Thinfinity VirtualUI 2.5.26.2 Information Disclosure

Thinfinity VirtualUI 2.5.41.0 IFRAME Injection

Auto Spare Parts Management 1.0 SQL Injection

HMA VPN 5.3 Unquoted Service Path

Microsoft Gaming Services 2.52.13001.0 Unquoted Service Path

Cab Management System 1.0 SQL Injection

Cab Management System 1.0 Remote Code Execution

WordPress MasterStudy LMS 2.7.5 Account Creation