Dorks List Site 1 - CXSecurity.com

	Topic	Date	Credit
Med.	Insecure Permissions vulnerability in Nagios Network Analyzer v.2024R1.02-64 and before allows a local attacker to escalate privileges via the remove_source.sh component. Dork: Nagios Network Analyzer Local Privilege Escalation	26.04.2026	Sarang Tumne
Med.	Samsung ONE Integer Overflow in CircleConst Tensor Size Calculation Dork: NO	26.04.2026	Mohammed Idrees ...
High	Critical Remote Code Execution Vulnerability in Windows Internet Key Exchange (IKE) Service (CVE-2026-33824) Dork: intitle:"Windows IKE" OR "Internet Key Exchange service" "VPN"	19.04.2026	RERO
Med.	Wavlink WL-WN579X3-C firewall.cgi UPNP Stack-based Buffer Overflow Dork: no	31.03.2026	Mohammed Idrees ...
High	LB-LINK BL-WR9000 V2.4.9 - Unauthenticated / Post-Auth Stack-based Buffer Overflow Dork: no	17.03.2026	Mohammed Idrees ...
Low	Splunk Remote Command Execution via Improper Input Validation Dork: intitle:"splunk" "Splunk Inc." inurl:8000 "splunkd" "Splunk Enterprise"	15.03.2026	RERO
High	MaxSite CMS <= 109.1 unauthenticated RCE via run_php plugin Dork: NO	02.03.2026	Mohammed Idrees ...
Low	OpenClaw tools.exec.safeBins <= 2026.2.22 Remote Code Execution Dork: NO	02.03.2026	Mohammed Idrees ...
Low	Statamic CMS < 5.73.11 & < 6.4.0 Stored XSS via SVG Upload Leading to Privilege Escalation Dork: NO	02.03.2026	Mohammed Idrees ...
High	OpenStack Vitrage < 12.0.1 / 13.0.1 Eval Injection Remote Code Execution Dork: NO	02.03.2026	Mohammed Idrees ...
High	Brickcom Camera - Remote command execution Dork: In Shodan search engine, the filter is --> realm="Brickcom"	26.02.2026	parsa rezaie khi...
Med.	LangGraph SQLite Checkpoint - SQL Injection via Metadata Filter Key Dork: NO	23.02.2026	Mohammed Idrees ...
Low	Roundcube Webmail DOM-based XSS Exploit via SVG href Attribute Dork: no	15.02.2026	Mohammed Idrees ...
Med.	WordPress Commentator Plugin - Arbitrary File Upload Dork: https://fofa.info/result?qbase64=d3AtY29udGVudC9wbHVnaW5zL2NvbW1lbnRhdG9yLw%3D%3D	14.02.2026	UnM@SK
High	Siklu EtherHaul Series EH-8010 Remote Command Execution Dork: "EH-8010" or "EH-1200"	14.02.2026	semaja2
Low	Nginx 1.25.x Server Version Information Disclosure Dork: server: nginx	29.01.2026	RERO
Low	LayerSlider 7.9.5 – Unauthenticated SQL Injection Dork: inurl:"wp-content/plugins/LayerSlider"	26.01.2026	RERO
Med.	promchimexport - SQL Injection Dork: inurl:"news.php?id="	24.12.2025	javad rashidi
Med.	cmkoo - SQL Injection Dork: inurl:"news.php?id="	21.12.2025	javad rashidi
Med.	Summar Employee Portal 3.98.0 Authenticated SQL Injection Dork: inurl:"/MemberPages/quienesquien.aspx"	17.12.2025	Peter Gabaldon

Med.

Insecure Permissions vulnerability in Nagios Network Analyzer v.2024R1.02-64 and before allows a local attacker to escalate privileges via the remove_source.sh component.

Dork: Nagios Network Analyzer Local Privilege Escalation

26.04.2026

Med.

Samsung ONE Integer Overflow in CircleConst Tensor Size Calculation

Dork: NO

26.04.2026

High

Critical Remote Code Execution Vulnerability in Windows Internet Key Exchange (IKE) Service (CVE-2026-33824)

Dork: intitle:"Windows IKE" OR "Internet Key Exchange service" "VPN"

19.04.2026

Med.

Wavlink WL-WN579X3-C firewall.cgi UPNP Stack-based Buffer Overflow

Dork: no

31.03.2026

High

LB-LINK BL-WR9000 V2.4.9 - Unauthenticated / Post-Auth Stack-based Buffer Overflow

Dork: no

17.03.2026

Low

Splunk Remote Command Execution via Improper Input Validation

Dork: intitle:"splunk" "Splunk Inc." inurl:8000 "splunkd" "Splunk Enterprise"

15.03.2026

High

MaxSite CMS <= 109.1 unauthenticated RCE via run_php plugin

Dork: NO

02.03.2026

Low

OpenClaw tools.exec.safeBins <= 2026.2.22 Remote Code Execution

Dork: NO

02.03.2026

Low

Statamic CMS < 5.73.11 & < 6.4.0 Stored XSS via SVG Upload Leading to Privilege Escalation

Dork: NO

02.03.2026

High

OpenStack Vitrage < 12.0.1 / 13.0.1 Eval Injection Remote Code Execution

Dork: NO

02.03.2026

High

Brickcom Camera - Remote command execution

Dork: In Shodan search engine, the filter is --> realm="Brickcom"

26.02.2026

Med.

LangGraph SQLite Checkpoint - SQL Injection via Metadata Filter Key

Dork: NO

23.02.2026

Low

Roundcube Webmail DOM-based XSS Exploit via SVG href Attribute

Dork: no

15.02.2026

Med.

WordPress Commentator Plugin - Arbitrary File Upload

Dork: https://fofa.info/result?qbase64=d3AtY29udGVudC9wbHVnaW5zL2NvbW1lbnRhdG9yLw%3D%3D

14.02.2026

High

Siklu EtherHaul Series EH-8010 Remote Command Execution

Dork: "EH-8010" or "EH-1200"

14.02.2026

Low

Nginx 1.25.x Server Version Information Disclosure

Dork: server: nginx

29.01.2026

Low

LayerSlider 7.9.5 – Unauthenticated SQL Injection

Dork: inurl:"wp-content/plugins/LayerSlider"

26.01.2026

Med.

promchimexport - SQL Injection

Dork: inurl:"news.php?id="

24.12.2025

Med.

cmkoo - SQL Injection

Dork: inurl:"news.php?id="

21.12.2025

Med.

Summar Employee Portal 3.98.0 Authenticated SQL Injection

Dork: inurl:"/MemberPages/quienesquien.aspx"

17.12.2025