Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

Best Hackers:
{{ te.id }}. {{te.nameDis}}
CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}
Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-05-14
Low
Chyrp 2.5.2 Cross Site Scripting
Ahmet Umit Bayram
Med.
82webmaster - Blind Sql Injection
behrouz mansoori
Med.
Webmirchi - Blind Sql Injection
behrouz mansoori
High
Backdoor.Win32.AsyncRat / Arbitrary Code Execution
malvuln
High
TrojanSpy.Win64.EMOTET.A / Arbitrary Code Execution
malvuln
Low
Apache mod_proxy_cluster Cross Site Scripting CVE-2023-6710
Mohamed Mounir Boudjema
Low
Leafpub 1.1.9 Cross Site Scripting
Ahmet Umit Bayram
2024-05-13
Med.
Kemp LoadMaster Local sudo Privilege Escalation
bwatters-r7
Med.
Panel.SmokeLoader / Cross Site Request Forgery (CSRF) - Persistent XSS
malvuln
Low
Esteghlal F.C. Cross Site Scripting
E1.Coders
Med.
Prison Management System SQL Injection Authentication Bypass CVE-2024-33288
Sanjay Singh
2024-05-12
High
Microsoft PlayReady Complete Client Identity Compromise
Adam Gowdiak
Med.
Castel Digital Authentication Bypass
CCA469

The latest CVEs

Dorks

2024-05-16
CVE-2024-35183
wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions prior to 0.16.10 allows a local user??s GitHub token to be sent to remote servers other than `github.com`. Most git-dependent functionality in wolfictl relies on its own `git` package, which contains centralized logic for implementing interactions with gi...
CVE-2024-35184
Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the issue.
CVE-2024-4914
A vulnerability, which was classified as critical, has been found in Campcodes Online Examination System 1.0. This issue affects some unknown processing of the file ranking-exam.php. The manipulation of the argument exam_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Th...
CVE-2024-4915
A vulnerability, which was classified as critical, was found in Campcodes Online Examination System 1.0. Affected is an unknown function of the file result.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-264450 is the ide...
CVE-2024-4916
A vulnerability has been found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file selExamAttemptExe.php. The manipulation of the argument thisId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may ...
CVE-2024-4917
A vulnerability was found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file submitAnswerExe.php. The manipulation of the argument exmne_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Th...
CVE-2024-4918
A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. This affects an unknown part of the file updateQuestion.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifie...
2024-05-15
CVE-2023-40297
Stakater Forecastle 1.0.139 and before allows %5C../ directory traversal in the website component.
CVE-2024-31409
Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result in an attacker obtaining data from throughout the system after gaining access to any device.
CVE-2024-31410
The devices which CyberPower PowerPanel manages use identical certificates based on a hard-coded cryptographic key. This can allow an attacker to impersonate any client in the system and send malicious data.
2024-05-14
Med.
82webmaster - Blind Sql Injection
"Design & Developed By: 82webmaster"
 behrouz mansoori
Med.
Webmirchi - Blind Sql Injection
"Powered by Webmirchi"
 behrouz mansoori
2024-05-12
Med.
Castel Digital Authentication Bypass
"Castel Digital"
 CCA469
2024-05-06
Med.
Kobiz Design - Sql Injection
"Desing by Kobiz Design Co"
 behrouz mansoori
2024-05-05
Med.
Oracuz - Blind Sql Injection
"Design by Oracuz"
 behrouz mansoori
Quick goto:

Bugtraq The latest CVEs Dorks
Search

Are you looking CVE for some product?

Top Vendors:

Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla
 
Full List of Vendors

Top Products:

Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx
 

Full List of Products

Top CWE:

CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)
 
Check CWE Dictionary

Donate:
is an open project developed and moderated fully by one independent person.
Help develop the project and make
Donations
Copyright 2024, cxsecurity.com

 

Back to Top