Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-06-28
Low
Med.
Low
Med.
Low
Med.
Med.
2022-06-26
Med.
Med.
Low
Low
Med.
Low

The latest CVEs

2022-06-29
CVE-2021-40642
Textpattern CMS v4.8.7 and older vulnerability exists through Sensitive Cookie in HTTPS Session Without 'Secure' Attribute via textpattern/lib/txplib_misc.php. The secure flag is not set for txp_login session cookie in the application. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any ...
CVE-2017-20108
A vulnerability classified as problematic has been found in Easy Table Plugin 1.6. This affects an unknown part of the file /wordpress/wp-admin/options-general.php. The manipulation with the input "><script>alert(1)</script> leads to basic cross site scripting. It is possible to initiate the attack remotely.
CVE-2017-20109
A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this vulnerability is an unknown functionality of the file /TeleoptiWFM/Administration/GetOneTenant of the component Administration. The manipulation leads to information disclosure (Credentials). The attack can be launched remotely. The exploit has been di...
CVE-2017-20110
A vulnerability, which was classified as problematic, has been found in Teleopti WFM up to 7.1.0. Affected by this issue is some unknown functionality of the component Administration. The manipulation as part of JSON leads to information disclosure (Credentials). The attack may be launched remotely. The exploit has been disclosed to the public and ...
CVE-2017-20111
A vulnerability, which was classified as critical, was found in Teleopti WFM 7.1.0. This affects an unknown part of the component Administration. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to...
CVE-2017-20112
A vulnerability has been found in IVPN Client 2.6.6120.33863 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument --up cmd leads to improper privilege management. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to v...
CVE-2022-32532
Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.
CVE-2022-28803
In SilverStripe Framework through 2022-04-07, Stored XSS can occur in javascript link tags added via XMLHttpRequest (XHR).
CVE-2022-29269
In Nagios XI through 5.8.5, in the schedule report function, an authenticated attacker is able to inject HTML tags that lead to the reformatting/editing of emails from an official email address.
CVE-2022-29270
In Nagios XI through 5.8.5, it is possible for a user without password verification to change his e-mail address.

Dorks

2022-06-28
Low
SEO Nethizmet Admin NoRedirect Bypass
"intext:"Web Tasarım Seo Nethizmet""
BQX
Low
Mailhog 1.0.1 Stored Cross-Site Scripting (XSS)
https://www.shodan.io/search?query=mailhog ( > 3500)
Vulnz
2022-06-22
Med.
BLUEWATER MARIBAGO BEACH RESORT - SQL Injection Vulnerability
intext:"BLUEWATER MARIBAGO BEACH RESORT " inurl:/index.php?page=
MR.$UD0
2022-06-11
Low
WEB SITE Yas Arghavani System XSS( Multiple CVE )
-
E1.Coders
2022-06-05
High
H3k / tiny File Manager
intitle:"h3k File Manager"
Hamza Anonime

Copyright 2022, cxsecurity.com

 

Back to Top