Vtiger CRM 7.1.0 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Vtiger CRM 7.1.0 - Remote Code Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.vtiger.com Software Link:...
Typo3 CMS pw_highslide_gallery 0.3.1 Database Disclosure
Exploit Title : Typo3 CMS pwhighslidegallery Extension 0.3.1 Database Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/01/2019 Vendor Homepage : typo3.org Software Download Link : extensions.typo3.org/extension/download/pwhighslidegallery/0.3.1/zip/...
WordPress Plugin Adicon Server 1.2 - 'selectedPlace' SQL Injection
Exploit Title: WordPress Plugin Adicon Server 1.2 - 'selectedPlace' SQL Injection Date: 2018-12-28 Software Link: https://wordpress.org/plugins/adicons/ Exploit Author: Kaimi Website: https://kaimi.io Version: 1.2 Category: webapps SQL Injection File: addIcon.php Vulnerable code:...
Typo3 CMS twwc_pages 8.7.x Database Disclosure
Exploit Title : Typo3 CMS twwcpages Extension 8.7.x Database Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/01/2019 Vendor Homepage : typo3.org Software Download Link : gosign.de/typo3-extension/twwcpages/ Tested On : Windows and Linux Category :...
Quick Sales Network QuickXiao 1.0 SQL Injection
Exploit Title : Quick Sales Network QuickXiao 1.0 SQL Injection Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepage : Quickxiao.Com Tested On : Windows Exploit Risk : Medium Category : WebApps Version Information : 1.0 CWE : CWE-89 Improper Neutralization of Special Elements...
Byte-Elaborazioni Web Design 1.0 SQL Injection
Exploit Title : Byte-Elaborazioni Web Design 1.0 SQL Injection Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepage : Byte-Elaborazioni.Com Tested On : Windows Category : WebApps Version Information : 1.0 - Microsoft ASP.NET - IIS 6.0 + Windows Server Operating System Exploit...
Bitsolution.ws ICT Consulting Firm 1.0 Bypass / SQL Injection
Exploit Title : Bitsolution.ws ICT Consulting Firm 1.0 SQL Injection / Improper Authentication Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepage : bitsolution.ws Tested On : Windows Category : WebApps Exploit Risk : Medium Version Information : 1.0 CWE : CWE-287 Improper...
BTOptions Web Design 1.0 SQL Injection
Exploit Title : BTOptions Web Design 1.0 SQL Injection Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 30/12/2018 Vendor Homepage : btoptions.com Tested On : Windows and Linux Category : WebApps Exploit Risk : Medium Version Information : 1.0 - WebServer Apache CW...
China Electronic WebSolutions Cnzz.Com 1.0 SQL Injection
Exploit Title : China Electronic WebSolutions Cnzz.Com 1.0 SQL Injection Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepage : Cnzz.Com Google Dork : inurl:''/productlist.php?cate='' Tested On : Windows and Linux Category : WebApps Exploit Risk : Medium Version Information : 1...
Vitalex Computers SRO Tvorba Skolnich Webu 1.0 SQL Injection
Exploit Title : Vitalex Computers SRO Tvorba školních webu 1.0 SQL Injection Exploit Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepages : vitalex.cz Google Dork 1 : intext:'' Vitalex Computers - Tvorba školních webu'' site:cz Google Dork 2 :...
WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload
WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload Exploit Title: WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload Date: 2018-12-24 Software Link: https://wordpress.org/plugins/baggage-freight/ Exploit Author: Kaimi Website:...
WordPress Plugin Audio Record 1.0 - Arbitrary File Upload
Exploit Title: WordPress Plugin Audio Record 1.0 - Arbitrary File Upload Date: 2018-12-24 Software Link: https://wordpress.org/plugins/audio-record/ Exploit Author: Kaimi Website: https://kaimi.io Version: 1.0 Category: webapps Unrestricted file upload in record upload process allowing arbitrary...
WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload
Exploit Title: WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload Date: 2018-12-24 Software Link: https://wordpress.org/plugins/baggage-freight/ Exploit Author: Kaimi Website: https://kaimi.io Version: 0.1.0 Category: webapps Unrestricted file upload for unauthorized...
WordPress Audio Record 1.0 Shell Upload
Exploit Title: WordPress Plugin Audio Record 1.0 - Arbitrary File Upload Date: 2018-12-24 Software Link: https://wordpress.org/plugins/audio-record/ Exploit Author: Kaimi Website: https://kaimi.io Version: 1.0 Category: webapps Unrestricted file upload in record upload process allowing arbitrary...
PrestaShop yllyaidechantier 1.4.9.0 Database Disclosure
Exploit Title : PrestaShop yllyaidechantier Modules 1.4.9.0 Database Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 24/12/2018 Vendor Homepage : prestashop.com Software Download Link : N/A Tested On : Windows and Linux Category : WebApps Version...
PrestaShop FacebookPsConnect 1.6.1.4 Database Disclosure
Exploit Title : PrestaShop FacebookPsConnect Modules 1.6.1.4 Database Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 24/12/2018 Vendor Homepage : prestashop.com businesstech.fr Software Download Link : modulebazaar.com/prestashop-facebook-connect.html ...
PrestaShop Google GSnippetsReviews 1.6.1.4 Database Disclosure
Exploit Title : PrestaShop Google GSnippetsReviews Modules 1.6.1.4 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 24/12/2018 Vendor Homepage : prestashop.com Software Download Link :...
PrestaShop PM_AdvancedTopMenu 1.4.6.2 Database Disclosure / SQL Injection
Exploit Title : PrestaShop PMAdvancedTopMenu 1.4.6.2 Database Disclosure and SQL Injection Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 24/12/2018 Vendor Homepage : prestashop.com Software Download Link :...
Juniper Secure Access SSL VPN Privilege Escalation Vulnerability
Certain Secure Access SA Series SSL VPN products originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 build 9627 4.2 Release build 7631. This occurs because appropriate controls...
WordPress Cvp-Adegrontec 4.8.3 Shell Upload
Exploit Title : WordPress Cvp-Adegrontec Themes 4.8.3 Remote Shell Upload Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 22/12/2018 Vendor Homepage : wordpress.org Software Download Link : N/A Tested On : Windows and Linux Category : WebApps Version...