NEWS & EVENTS

SERVICES

This service collects data related to public available exploits. The database is updated daily through the official...

This service shows statistics related to Tweets related to Cyber-Security, allowing to search them by keywords such as...

The main goal of the tool is to provide a simple and quick tool for cyber risk self-assessment. The tool requires two...

The service offers a platform that allows Registrars to check for any performance and security problems present on...

LATEST CVE

Published Description
CVE-2020-10244
09-03-2020 19:15:00
JPaseto before 0.3.0 generates weak hashes when using v2.local tokens.
CVE-2020-10248
09-03-2020 19:15:00
BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to val_users.php3.
CVE-2019-19614
09-03-2020 19:15:00
An issue was discovered in Halvotec RAQuest 10.23.10801.0. The login page is vulnerable to wildcard injection, allowing an attacker to enumerate the list of users sharing an identical password.
CVE-2020-10246
09-03-2020 19:15:00
MISP 2.4.122 has reflected XSS via unsanitized URL parameters. This is related to app/View/Users/statistics_orgs.ctp.
CVE-2020-10249
09-03-2020 19:15:00
BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to val_soft.php3.

Pages

LATEST EXPLOIT

Date Title Platform Author
04-09-2018
PHP File Browser Script 1 - Directory Traversal php AkkuS
04-09-2018
Logicspice FAQ Script 2.9.7 - Remote Code Execution php AkkuS
04-09-2018
Simple POS 4.0.24 - 'columns[0][search][value]' SQL Injection php Renos Nikolaou
04-09-2018
mooSocial Store Plugin 2.6 - SQL Injection php Andrea Bocchetti
04-09-2018
iSmartViewPro 1.5 - 'DDNS' Buffer Overflow windows_x86 Luis Martínez

Pages