NEWS & EVENTS

SERVICES

This service shows statistics related to Tweets related to Cyber-Security, allowing to search them by keywords such as...

The service analyzes a DNS request log and detects if there are domain names which can be generated by a Domain...

The service offers a platform that allows Registrars to check for any performance and security problems present on...

This service collects data related to public available exploits. The database is updated daily through the official...

LATEST CVE

Published Description
CVE-2020-5332
04-05-2020 19:15:00
RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain a command injection vulnerability. AN authenticated malicious user with administrator privileges could potentially exploit this vulnerability to execute arbitrary commands on the system where the vulnerable application is deployed.
CVE-2020-5335
04-05-2020 19:15:00
RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to send arbitrary requests to the vulnerable application to perform server operations with the privileges of the authenticated victim user.
CVE-2020-10622
04-05-2020 19:15:00
LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users
CVE-2020-1732
04-05-2020 17:15:00
A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request.
CVE-2020-12642
04-05-2020 16:15:00
An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import.

Pages

LATEST EXPLOIT

Date Title Platform Author
29-10-2018
Local Server 1.0.9 - Denial of Service (PoC) windows_x86-64 Ihsan Sencan
29-10-2018
Aplaya Beach Resort Online Reservation System 1.0 - SQL Injection / Cross-Site Request Forgery php Ihsan Sencan
29-10-2018
MTGAS MOGG Web Simulator Script - SQL Injection php Meisam Monsef
29-10-2018
School Equipment Monitoring System 1.0 - 'login' SQL Injection windows_x86-64 Ihsan Sencan
29-10-2018
Paramiko 2.4.1 - Authentication Bypass linux Adam Brown

Pages