NEWS

There are no events to display

SERVICES

This service shows statistics related to Tweets related to Cyber-Security, allowing to search them by keywords such as...

The service analyzes a DNS request log and detects if there are domain names which can be generated by a Domain...

The service aims at offering a representation of the  Cybersecurity domain through the creation of a controlled...

This service collects data related to public available exploits. The database is updated daily through the official...

LATEST CVE

Published Description
CVE-2018-17113
17-09-2018 00:29:00
App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf in EasyCMS 1.5 has XSS via the uploadifyID or movieName parameter, a related issue to CVE-2018-9173.
CVE-2018-17110
17-09-2018 00:29:00
Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1.
CVE-2018-17128
17-09-2018 00:29:00
A Persistent XSS issue was discovered in the Visual Editor in MyBB before 1.8.19 via a Video MyCode.
CVE-2018-17127
17-09-2018 00:29:00
blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (NULL pointer dereference and device crash) via a request that lacks a timestap parameter.
CVE-2018-17108
16-09-2018 19:29:00
The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application.

Pages