Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-05-22
Low
Med.
Low
High
2022-05-19
High
Low
Low
High
Med.
2022-05-17
Low
High
High
High

The latest CVEs

2022-05-23
CVE-2021-41714
In Tipask < 3.5.9, path parameters entered by the user are not validated when downloading attachments, a registered user can download arbitrary files on the Tipask server such as .env, /etc/passwd, laravel.log, causing infomation leakage.
CVE-2022-1811
Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9.
CVE-2022-28932
D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
CVE-2022-29004
Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php.
CVE-2022-29005
Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters.
CVE-2022-30014
Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF) which allows anyone to takeover admin/moderater account.
CVE-2022-30016
Rescue Dispatch Management System 1.0 is vulnerable to Incorrect Access Control via http://localhost/rdms/admin/?page=system_info.
CVE-2022-30017
Rescue Dispatch Management System 1.0 suffers from Stored XSS, leading to admin account takeover via cookie stealing.
CVE-2022-0900
A Stored Cross-Site Scripting (XSS) vulnerability in DivvyDrive's "aciklama" parameter could allow anyone to gain users' session informations.
CVE-2022-28997
CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forgery (SSRF) which can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/.

Dorks

2022-05-19
Med.
Will VPN App - VPN App With Admin Panel - Phpthumb Command Injection
- / use your brain
L4663r666h05t
2022-05-14
High
Designed by OG Advertising - Sql Injection Vulnerability
intext:"Designed by OG Advertising"
LeetGh0sts Squ4d
2022-05-11
High
Ruijie Reyee Mesh Router Remote Code Execution( CVE-2021-43164 )
None
Minh Khoa
2022-05-10
Low
Infreshop - Cross-Site Scripting Vulnerability
"Powered by Infreshop"
Gh05t666nero
2022-05-09
Med.
Zimbra - Request URL Override Vulnerability
inurl:/public/launchSidebar.jsp
Gh05t666nero

Copyright 2022, cxsecurity.com

 

Back to Top