The latest CVEs

2019-09-21
CVE-2019-16669
The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts.
CVE-2019-16665
An issue was discovered in ThinkSAAS 2.91. There is XSS via the content to the index.php?app=group&ac=comment&ts=do&js=1 URI, as demonstrated by a crafted SVG document in the SRC attribute of an EMBED element.
CVE-2019-16664
An issue was discovered in ThinkSAAS 2.91. There is XSS via the index.php?app=group&ac=create&ts=do groupname parameter.
CVE-2019-16661
Ogma CMS 0.5 has XSS via creation of a new blog.
CVE-2019-16660
joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&tab=vodplay CSRF.
CVE-2019-16659
TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF.
CVE-2019-16658
TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF.
CVE-2019-16657
TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/.
CVE-2019-16656
joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP code via /install by placing the code in the name of an object in the database.
CVE-2019-16655
joyplus-cms 1.6.0 allows reinstallation if the install/ URI remains available.

Dorks

2019-09-20
Med.
StartPoligraf SQLInjection
Inurl:"post.php?id= site:ua
Mr.Pirates-X
2019-09-19
Med.
Western Digital My Book World II NAS 1.02.12 Hardcoded Credential (CVE-2019-16399)
intitle:"My Book World Edition - MyBookWorld"
Noman Riffat
2019-09-16
Low
InJob | Multi-purpose for recruitment WordPress Theme v3.3.6 Reflected & Persistent XSS
inurl:/wp-content/themes/injob/
SubversA
Med.
Zoner | Real Estate Joomla Theme Persistent XSS
/templates/bt_zoner/html/
SubversA
2019-09-15
Med.
Cabrera Propiedades (Blind SQL Injection)
"inurl:php?id= site:ar intext:propiedades"
intrackeable

Copyright 2019, cxsecurity.com

 
