

The latest CVEs

2020-04-05
CVE-2020-11548
The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed.
CVE-2020-11547
PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm.
2020-04-04
CVE-2020-11542
3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring.
CVE-2020-11533
Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material).
CVE-2020-11529
Common/Grav.php in Grav before 1.6.23 has an Open Redirect.
CVE-2020-11528
bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write) in conv_bitmap in bit2spr.c via a long line in a bitmap file.
CVE-2020-11527
In Zoho ManageEngine OpManager before 12.4.181, an unauthenticated remote attacker can send a specially crafted URI to read arbitrary files.
CVE-2020-11518
Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution.
CVE-2020-5348
Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_SERVICES in system management mode. A local unauthenticated attacker may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in system management mode.
CVE-2020-5347
Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses.

Dorks

2020-04-04
Med.
SAUDI SOFTECH (MST) search.php Sql injection
intext: "Designed by SAUDI SOFTECH (MST) "
Blackmaster
Med.
balajicms Auth by pass Vulnerability
Copyright © KAAHGO INFOTECH | GRIEVANCES REDRESSAL CELL
indoushka
Med.
Biddokkes Polda SQL Injection
inurl:?act=berita
s3nt1n3L
Med.
2020 © ClasesIT - SIREA. Derechos reservados Admin Panel Bypass Exploit
intext:2020 © ClasesIT - SIREA. Derechos reservados (edu.ve)
Mustafa
2020-04-03
Med.
Hacker Factor Local File Inclusion Vulnerability
intext:"Copyright 2012-2020 Hacker Factor" inurl:faq.php?
TrazeR

Copyright 2020, cxsecurity.com

 
