Drupal 8 SA-CORE-2018-002 RCE

Remote command execution vulnerability in Drupal core/lib/Drupal/Core/DrupalKernel.php Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

Drupal 7 SA-CORE-2018-002 RCE

Remote command execution vulnerability in Drupal core/lib/Drupal/Core/DrupalKernel.php Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

Drupal 7 SA-CORE-2018-004 RCE

Remote command execution vulnerability in Drupal Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

Joomla Component com_ccnewsletter removeSubscriber SQL Injection

SQL Injection vulnerability in Joomla ccNewsletter component id parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

WordPress Ninja Forms SQL Injection

SQL Injection vulnerability in WordPress Ninja Forms plugin parse-media-shortcode parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

Apache Struts Dynamic Method Invocation Expression Handling RCE

Remote command execution vulnerability in Apache Struts Dynamic Method Invocation expression handling Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

Apache Struts REST Plugin OGNL Expression Handling RCE

Remote command execution vulnerability in Apache Struts REST Plugin OGNL expression handling Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

Apache Struts REST Plugin XStream RCE

Remote command execution vulnerability in Apache Struts REST plugin XStream XML request Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

Joomla Component com_jux_real_estate SQL Injection

SQL Injection vulnerability in Joomla JUX Real Estate component countryid parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

Shopware Server Side Template Injection RCE

Remote command execution vulnerability in Shopware getTemplateName Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

WordPress WP Mobile Detector 3.5 File Upload

Remote file upload vulnerability in WordPress WP Mobile Detector plugin resize.php src parameter Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

Zenario CMS SQL Injection

SQL Injection vulnerabilty in Zenario CMS X-FORWARDED-FOR header Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

Joomla User Notes List View SQL Injection

SQL Injection vulnerability in Joomla filtercategoryid parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

Trend Micro Smart Protection Server Encryption Key Disclosure

Encryption key disclosure vulnerability in rend Micro Smart Protection Server Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

Zenario CMS File Disclosure

File disclosure vulnerability in Zenario CMS compressor.php Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

Apache Tomcat VirtualDirContext Class File Handling Remote JSP Source Code Disclosure

Source code disclosure vulnerability in Apache Tomcat VirtualDirContext class file handling Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

vTiger File Upload

File upload vulnerability in vTiger CompanyDetailsSave.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

ManageEngine OpManager SQL Injection

SQL query restriction bypass vulnerability via default hardcoded admin account Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

Dolphin 7.3.0 SQL Injection

SQL injection vulnerability in Dolphin flash\modules\chat\incctions.inc.php key parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

Symantec Endpoint Protection Manager File Upload

File upload vulnerability in Symantec Endpoint Protection Manager Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

Apache Tomcat for Windows HTTP PUT Method File Upload

File upload vulnerability in Apache Tomcat for Windows HTTP PUT method Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

WordPress Mail Masta 1.0 File Disclosure

File disclosure vulnerability in WordPress Mail Masta plugin Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

WordPress Gravity Forms File Upload

File upload vulnerability in WordPress Gravity Forms plugin upload.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

WordPress WPshop File Upload

File upload vulnerability in WordPress WPshop plugin ajax.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

WordPress ACF Frontend Display File Upload

File upload vulnerability in WordPress ACF Frontend Display plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

WordPress Service Finder Booking File Disclosure

File disclosure vulnerability in Service Finder Booking plugin Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

Joomla Component com_jemembership SQL Injection

SQL Injection vulnerability in Joomla JEXTN Membership component planid parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

Joomla Component com_jbusinessdirectory SQL Injection

SQL Injection vulnerability in Joomla J-BusinessDirectory component term parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

Trend Micro OfficeScan 11.0/XG Encryption Key Disclosure

Encryption key disclosure vulnerability in TrendMicro OfficeScan Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

Western Digital My Cloud File Upload

File upload vulnerability in Western Digital My Cloud multiuploadify.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

WordPress Huge-IT Video Gallery 2.0.4 SQL Injection

SQL Injection vulnerability in WordPress Huge-IT Video Gallery plugin catsearch parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

WordPress WP ecommerce Shop Styling 2.5 File Disclosure

File disclosure vulnerability in WordPress WP ecommerce Shop Styling plugin Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

Trend Micro InterScan Messaging Security Virtual Appliance WizardSetting_sys.imss RCE

Remote command execution vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance WizardSettingsys.imss sysdesname parameter Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

vBulletin LFI

Local file include vulnerability in vBulletin routestring parameter Vulnerability Type: Local File Include For the exploit source code contact DSquare Security sales team...

WordPress Platform Theme RCE

Remote command execution vulnerability in WordPress Platform theme pagelinesregistersettings function Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

OpenEMR 5.0.0 RCE

Remote command execution vulnerability in OpenEMR faxdispatch.php formfilename parameter Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

CiviCRM SQL Injection

SQL injection vulnerability in CiviCRM civicrm/report/list grp parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

WordPress Ultimate Form Builder Lite SQL Injection

SQL Injection vulnerability in WordPress Ultimate Form Builder Lite plugin /classes/ufbl-lib.php formid parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

WordPress Polls Widget SQL Injection

SQL Injection vulnerability in WordPress Polls Widget plugin /forntend/frontend.php questionid parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

NETGEAR DGN1000/DGN2200 RCE

Remote code execution vulnerability in NETGEAR DGN1000/DGN2200 setup.cgi currentsetting.htm Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

Apache Struts 2 Struts 1 Plugin ActionMessage < 2.3.32 RCE

Remote command execution vulnerability in Apache Struts 2 Struts 1 plugin ActionMessage class error message input handling Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

Trend Micro Mobile Security for Enterprise SQL Injection

SQL injection vulnerability in Trend Micro Mobile Security for Enterprise assignpolicy action Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

WordPress EZ SQL Reports Shortcode Widget and DB Backup SQL Injection

SQL Injection vulnerability in WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin shortcode parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

WordPress SQL Shortcode SQL Injection

SQL Injection vulnerability in WordPress SQL Shortcode plugin shortcode parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

WordPress RegistrationMagic-Custom Registration Forms SQL Injection

SQL Injection vulnerability in WordPress RegistrationMagic-Custom Registration Forms plugin includes/classrmdbmanager.php Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

WordPress EZ SQL Reports Shortcode Widget and DB Backup RCE

Remote command execution vulnerability in WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin shortcode parameter Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

TYPO3 Restler File Disclosure

File disclosure vulnerability in TYPO3 Restler extension getsource.php Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

Trend Micro Data Loss Prevention File Disclosure

File disclosure vulnerability in Trend Micro Data Loss Prevention Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

Trend Micro Mobile Security for iOS/Android Proxy.php RCE

Remote command execution vulnerability in Trend Micro Mobile Security for iOS/Android Proxy.php T parameter Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

Schneider Electric Pelco VideoXpert auth_token Cookie Disclosure

Schneider Electric Pelco VideoXpert /portal/ URI path traversal authtoken cookie disclosure Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...